Theory AOT_PLM

1(*<*)
2theory AOT_PLM
3  imports AOT_Axioms
4begin
5(*>*)
6
7section‹The Deductive System PLM›
8text‹\label{PLM: 9}›
9
10(* constrain sledgehammer to the abstraction layer *)
11unbundle AOT_no_atp
12
13subsection‹Primitive Rule of PLM: Modus Ponens›
14text‹\label{PLM: 9.1}›
15
16AOT_theorem "modus-ponens":
17  assumes φ and φ  ψ
18  shows ψ
19  (* NOTE: semantics needed *)
20  using assms by (simp add: AOT_sem_imp)
21lemmas MP = "modus-ponens"
22
23subsection‹(Modally Strict) Proofs and Derivations›
24text‹\label{PLM: 9.2}›
25
26AOT_theorem "non-con-thm-thm":
27  assumes  φ
28  shows  φ
29  using assms by simp
30
31AOT_theorem "vdash-properties:1[1]":
32  assumes φ  Λ
33  shows  φ
34  (* NOTE: semantics needed *)
35  using assms unfolding AOT_model_act_axiom_def by blast
36
37text‹Convenience attribute for instantiating modally-fragile axioms.›
38attribute_setup act_axiom_inst =
39  ‹Scan.succeed (Thm.rule_attribute []
40    (K (fn thm => thm RS @{thm "vdash-properties:1[1]"})))
41  "Instantiate modally fragile axiom as modally fragile theorem."
42
43AOT_theorem "vdash-properties:1[2]":
44  assumes φ  Λ
45  shows  φ
46  (* NOTE: semantics needed *)
47  using assms unfolding AOT_model_axiom_def by blast
48
49text‹Convenience attribute for instantiating modally-strict axioms.›
50attribute_setup axiom_inst =
51  ‹Scan.succeed (Thm.rule_attribute []
52    (K (fn thm => thm RS @{thm "vdash-properties:1[2]"})))
53  "Instantiate axiom as theorem."
54
55text‹Convenience methods and theorem sets for applying "cqt:2".›
56method cqt_2_lambda_inst_prover =
57  (fast intro: AOT_instance_of_cqt_2_intro)
58method "cqt:2[lambda]" =
59  (rule "cqt:2[lambda]"[axiom_inst]; cqt_2_lambda_inst_prover)
60lemmas "cqt:2" =
61  "cqt:2[const_var]"[axiom_inst] "cqt:2[lambda]"[axiom_inst]
62  AOT_instance_of_cqt_2_intro
63method "cqt:2" = (safe intro!: "cqt:2")
64
65AOT_theorem "vdash-properties:3":
66  assumes  φ
67  shows Γ  φ
68  using assms by blast
69
70AOT_theorem "vdash-properties:5":
71  assumes Γ1  φ and Γ2  φ  ψ
72  shows Γ1, Γ2  ψ
73  using MP assms by blast
74
75AOT_theorem "vdash-properties:6":
76  assumes φ and φ  ψ
77  shows ψ
78  using MP assms by blast
79
80AOT_theorem "vdash-properties:8":
81  assumes Γ  φ and φ  ψ
82  shows Γ  ψ
83  using assms by argo
84
85AOT_theorem "vdash-properties:9":
86  assumes φ
87  shows ψ  φ
88  using MP "pl:1"[axiom_inst] assms by blast
89
90AOT_theorem "vdash-properties:10":
91  assumes φ  ψ and φ
92  shows ψ
93  using MP assms by blast
94lemmas "→E" = "vdash-properties:10"
95
96subsection‹Two Fundamental Metarules: GEN and RN›
97text‹\label{PLM: 9.3}›
98
99AOT_theorem "rule-gen":
100  assumes for arbitrary α: φ{α}
101  shows α φ{α}
102  (* NOTE: semantics needed *)
103  using assms by (metis AOT_var_of_term_inverse AOT_sem_denotes AOT_sem_forall)
104lemmas GEN = "rule-gen"
105
106AOT_theorem "RN[prem]":
107  assumes Γ  φ
108  shows Γ  φ
109  by (meson AOT_sem_box assms image_iff) (* NOTE: semantics needed *)
110AOT_theorem RN:
111  assumes  φ
112  shows φ
113  using "RN[prem]" assms by blast
114
115subsection‹The Inferential Role of Definitions›
116text‹\label{PLM: 9.4}›
117
118AOT_axiom "df-rules-formulas[1]":
119  assumes φ df ψ
120  shows φ  ψ
121  (* NOTE: semantics needed *)
122  using assms
123  by (auto simp: assms AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp)
124AOT_axiom "df-rules-formulas[2]":
125  assumes φ df ψ
126  shows ψ  φ
127  (* NOTE: semantics needed *)
128  using assms
129  by (auto simp: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp)
130(* NOTE: for convenience also state the above as regular theorems *)
131AOT_theorem "df-rules-formulas[3]":
132  assumes φ df ψ
133  shows φ  ψ
134  using "df-rules-formulas[1]"[axiom_inst, OF assms].
135AOT_theorem "df-rules-formulas[4]":
136  assumes φ df ψ
137  shows ψ  φ
138  using "df-rules-formulas[2]"[axiom_inst, OF assms].
139
140
141AOT_axiom "df-rules-terms[1]":
142  assumes τ{α1...αn} =df σ{α1...αn}
143  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) &
144         (¬σ{τ1...τn}  ¬τ{τ1...τn})
145  (* NOTE: semantics needed *)
146  using assms
147  by (simp add: AOT_model_axiomI AOT_sem_conj AOT_sem_imp AOT_sem_eq
148                AOT_sem_not AOT_sem_denotes AOT_model_id_def)
149AOT_axiom "df-rules-terms[2]":
150  assumes τ =df σ
151  shows (σ  τ = σ) & (¬σ  ¬τ)
152  by (metis "df-rules-terms[1]" case_unit_Unity assms)
153(* NOTE: for convenience also state the above as regular theorems *)
154AOT_theorem "df-rules-terms[3]":
155  assumes τ{α1...αn} =df σ{α1...αn}
156  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) &
157         (¬σ{τ1...τn}  ¬τ{τ1...τn})
158  using "df-rules-terms[1]"[axiom_inst, OF assms].
159AOT_theorem "df-rules-terms[4]":
160  assumes τ =df σ
161  shows (σ  τ = σ) & (¬σ  ¬τ)
162  using "df-rules-terms[2]"[axiom_inst, OF assms].
163
164subsection‹The Theory of Negations and Conditionals›
165text‹\label{PLM: 9.5}›
166
167AOT_theorem "if-p-then-p": φ  φ
168  by (meson "pl:1"[axiom_inst] "pl:2"[axiom_inst] MP)
169
170AOT_theorem "deduction-theorem":
171  assumes φ  ψ
172  shows φ  ψ
173  (* NOTE: semantics needed *)
174  using assms by (simp add: AOT_sem_imp)
175lemmas CP = "deduction-theorem"
176lemmas "→I" = "deduction-theorem"
177
178AOT_theorem "ded-thm-cor:1":
179  assumes Γ1  φ  ψ and Γ2  ψ  χ
180  shows Γ1, Γ2  φ  χ
181  using "→E" "→I" assms by blast
182AOT_theorem "ded-thm-cor:2":
183  assumes Γ1  φ  (ψ  χ) and Γ2  ψ
184  shows Γ1, Γ2  φ  χ
185  using "→E" "→I" assms by blast
186
187AOT_theorem "ded-thm-cor:3":
188  assumes φ  ψ and ψ  χ
189  shows φ  χ
190  using "→E" "→I" assms by blast
191declare "ded-thm-cor:3"[trans]
192AOT_theorem "ded-thm-cor:4":
193  assumes φ  (ψ  χ) and ψ
194  shows φ  χ
195  using "→E" "→I" assms by blast
196
197lemmas "Hypothetical Syllogism" = "ded-thm-cor:3"
198
199AOT_theorem "useful-tautologies:1": ¬¬φ  φ
200  by (metis "pl:3"[axiom_inst] "→I" "Hypothetical Syllogism")
201AOT_theorem "useful-tautologies:2": φ  ¬¬φ
202  by (metis "pl:3"[axiom_inst] "→I" "ded-thm-cor:4")
203AOT_theorem "useful-tautologies:3": ¬φ  (φ  ψ)
204  by (meson "ded-thm-cor:4" "pl:3"[axiom_inst] "→I")
205AOT_theorem "useful-tautologies:4": (¬ψ  ¬φ)  (φ  ψ)
206  by (meson "pl:3"[axiom_inst] "Hypothetical Syllogism" "→I")
207AOT_theorem "useful-tautologies:5": (φ  ψ)  (¬ψ  ¬φ)
208  by (metis "useful-tautologies:4" "Hypothetical Syllogism" "→I")
209
210AOT_theorem "useful-tautologies:6": (φ  ¬ψ)  (ψ  ¬φ)
211  by (metis "→I" MP "useful-tautologies:4")
212
213AOT_theorem "useful-tautologies:7": (¬φ  ψ)  (¬ψ  φ)
214  by (metis "→I" MP "useful-tautologies:3" "useful-tautologies:5")
215
216AOT_theorem "useful-tautologies:8": φ  (¬ψ  ¬(φ  ψ))
217  by (metis "→I" MP "useful-tautologies:5")
218
219AOT_theorem "useful-tautologies:9": (φ  ψ)  ((¬φ  ψ)  ψ)
220  by (metis "→I" MP "useful-tautologies:6")
221
222AOT_theorem "useful-tautologies:10": (φ  ¬ψ)  ((φ  ψ)  ¬φ)
223  by (metis "→I" MP "pl:3"[axiom_inst])
224
225AOT_theorem "dn-i-e:1":
226  assumes φ
227  shows ¬¬φ
228  using MP "useful-tautologies:2" assms by blast
229lemmas "¬¬I" = "dn-i-e:1"
230AOT_theorem "dn-i-e:2":
231  assumes ¬¬φ
232  shows φ
233  using MP "useful-tautologies:1" assms by blast
234lemmas "¬¬E" = "dn-i-e:2"
235
236AOT_theorem "modus-tollens:1":
237  assumes φ  ψ and ¬ψ
238  shows ¬φ
239  using MP "useful-tautologies:5" assms by blast
240AOT_theorem "modus-tollens:2":
241  assumes φ  ¬ψ and ψ
242  shows ¬φ
243  using "¬¬I" "modus-tollens:1" assms by blast
244lemmas MT = "modus-tollens:1" "modus-tollens:2"
245
246AOT_theorem "contraposition:1[1]":
247  assumes φ  ψ
248  shows ¬ψ  ¬φ
249  using "→I" MT(1) assms by blast
250AOT_theorem "contraposition:1[2]":
251  assumes ¬ψ  ¬φ
252  shows φ  ψ
253  using "→I" "¬¬E" MT(2) assms by blast
254
255AOT_theorem "contraposition:2":
256  assumes φ  ¬ψ
257  shows ψ  ¬φ
258  using "→I" MT(2) assms by blast
259
260(* Note: this is actually a mixture of the two variants given in PLM. *)
261AOT_theorem "reductio-aa:1":
262  assumes ¬φ  ¬ψ and ¬φ  ψ
263  shows φ
264  using "→I" "¬¬E" MT(2) assms by blast
265AOT_theorem "reductio-aa:2":
266  assumes φ  ¬ψ and φ  ψ
267  shows ¬φ
268  using "reductio-aa:1" assms by blast
269lemmas "RAA" = "reductio-aa:1" "reductio-aa:2"
270
271AOT_theorem "exc-mid": φ  ¬φ
272  using "df-rules-formulas[4]" "if-p-then-p" MP
273        "conventions:2" by blast
274
275AOT_theorem "non-contradiction": ¬(φ & ¬φ)
276  using "df-rules-formulas[3]" MT(2) "useful-tautologies:2"
277        "conventions:1" by blast
278
279AOT_theorem "con-dis-taut:1": (φ & ψ)  φ
280  by (meson "→I" "df-rules-formulas[3]" MP RAA(1) "conventions:1")
281AOT_theorem "con-dis-taut:2": (φ & ψ)  ψ
282  by (metis "→I" "df-rules-formulas[3]" MT(2) RAA(2)
283            "¬¬E" "conventions:1")
284lemmas "Conjunction Simplification" = "con-dis-taut:1" "con-dis-taut:2"
285
286AOT_theorem "con-dis-taut:3": φ  (φ  ψ)
287  by (meson "contraposition:1[2]" "df-rules-formulas[4]"
288            MP "→I" "conventions:2")
289AOT_theorem "con-dis-taut:4": ψ  (φ  ψ)
290  using "Hypothetical Syllogism" "df-rules-formulas[4]"
291        "pl:1"[axiom_inst] "conventions:2" by blast
292lemmas "Disjunction Addition" = "con-dis-taut:3" "con-dis-taut:4"
293
294AOT_theorem "con-dis-taut:5": φ  (ψ  (φ & ψ))
295  by (metis "contraposition:2" "Hypothetical Syllogism" "→I"
296            "df-rules-formulas[4]" "conventions:1")
297lemmas Adjunction = "con-dis-taut:5"
298
299AOT_theorem "con-dis-taut:6": (φ & φ)  φ
300  by (metis Adjunction "→I" "df-rules-formulas[4]" MP
301            "Conjunction Simplification"(1) "conventions:3")
302lemmas "Idempotence of &" = "con-dis-taut:6"
303
304AOT_theorem "con-dis-taut:7": (φ  φ)  φ
305proof -
306  {
307    AOT_assume φ  φ
308    AOT_hence ¬φ  φ
309      using "conventions:2"[THEN "df-rules-formulas[3]"] MP by blast
310    AOT_hence φ using "if-p-then-p" RAA(1) MP by blast
311  }
312  moreover {
313    AOT_assume φ
314    AOT_hence φ  φ using "Disjunction Addition"(1) MP by blast
315  }
316  ultimately AOT_show (φ  φ)  φ
317    using "conventions:3"[THEN "df-rules-formulas[4]"] MP
318    by (metis Adjunction "→I")
319qed
320lemmas "Idempotence of ∨" = "con-dis-taut:7"
321
322
323AOT_theorem "con-dis-i-e:1":
324  assumes φ and ψ
325  shows φ & ψ
326  using Adjunction MP assms by blast
327lemmas "&I" = "con-dis-i-e:1"
328
329AOT_theorem "con-dis-i-e:2:a":
330  assumes φ & ψ
331  shows φ
332  using "Conjunction Simplification"(1) MP assms by blast
333AOT_theorem "con-dis-i-e:2:b":
334  assumes φ & ψ
335  shows ψ
336  using "Conjunction Simplification"(2) MP assms by blast
337lemmas "&E" = "con-dis-i-e:2:a" "con-dis-i-e:2:b"
338
339AOT_theorem "con-dis-i-e:3:a":
340  assumes φ
341  shows φ  ψ
342  using "Disjunction Addition"(1) MP assms by blast
343AOT_theorem "con-dis-i-e:3:b":
344  assumes ψ
345  shows φ  ψ
346  using "Disjunction Addition"(2) MP assms by blast
347AOT_theorem "con-dis-i-e:3:c":
348  assumes φ  ψ and φ  χ and ψ  Θ
349  shows χ  Θ
350  by (metis "con-dis-i-e:3:a" "Disjunction Addition"(2)
351            "df-rules-formulas[3]" MT(1) RAA(1)
352            "conventions:2" assms)
353lemmas "∨I" = "con-dis-i-e:3:a" "con-dis-i-e:3:b" "con-dis-i-e:3:c"
354
355AOT_theorem "con-dis-i-e:4:a":
356  assumes φ  ψ and φ  χ and ψ  χ
357  shows χ
358  by (metis MP RAA(2) "df-rules-formulas[3]" "conventions:2" assms)
359AOT_theorem "con-dis-i-e:4:b":
360  assumes φ  ψ and ¬φ
361  shows ψ
362  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
363AOT_theorem "con-dis-i-e:4:c":
364  assumes φ  ψ and ¬ψ
365  shows φ
366  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
367lemmas "∨E" = "con-dis-i-e:4:a" "con-dis-i-e:4:b" "con-dis-i-e:4:c"
368
369AOT_theorem "raa-cor:1":
370  assumes ¬φ  ψ & ¬ψ
371  shows φ
372  using "&E" "∨E"(3) "∨I"(2) RAA(2) assms by blast
373AOT_theorem "raa-cor:2":
374  assumes φ  ψ & ¬ψ
375  shows ¬φ
376  using "raa-cor:1" assms by blast
377AOT_theorem "raa-cor:3":
378  assumes φ and ¬ψ  ¬φ
379  shows ψ
380  using RAA assms by blast
381AOT_theorem "raa-cor:4":
382  assumes ¬φ and ¬ψ  φ
383  shows ψ
384  using RAA assms by blast
385AOT_theorem "raa-cor:5":
386  assumes φ and ψ  ¬φ
387  shows ¬ψ
388  using RAA assms by blast
389AOT_theorem "raa-cor:6":
390  assumes ¬φ and ψ  φ
391  shows ¬ψ
392  using RAA assms by blast
393
394AOT_theorem "oth-class-taut:1:a": (φ  ψ)  ¬(φ & ¬ψ)
395  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
396     (metis "&E" "&I" "raa-cor:3" "→I" MP)
397AOT_theorem "oth-class-taut:1:b": ¬(φ  ψ)  (φ & ¬ψ)
398  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
399     (metis "&E" "&I" "raa-cor:3" "→I" MP)
400AOT_theorem "oth-class-taut:1:c": (φ  ψ)  (¬φ  ψ)
401  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
402     (metis "&I" "∨I"(1, 2) "∨E"(3) "→I" MP "raa-cor:1")
403
404AOT_theorem "oth-class-taut:2:a": (φ & ψ)  (ψ & φ)
405  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
406     (meson "&I" "&E" "→I")
407lemmas "Commutativity of &" = "oth-class-taut:2:a"
408AOT_theorem "oth-class-taut:2:b": (φ & (ψ & χ))  ((φ & ψ) & χ)
409  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
410     (metis "&I" "&E" "→I")
411lemmas "Associativity of &" = "oth-class-taut:2:b"
412AOT_theorem "oth-class-taut:2:c": (φ  ψ)  (ψ  φ)
413  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
414     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
415lemmas "Commutativity of ∨" = "oth-class-taut:2:c"
416AOT_theorem "oth-class-taut:2:d": (φ  (ψ  χ))  ((φ  ψ)  χ)
417  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
418     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
419lemmas "Associativity of ∨" = "oth-class-taut:2:d"
420AOT_theorem "oth-class-taut:2:e": (φ  ψ)  (ψ  φ)
421  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I";
422      metis "&I" "df-rules-formulas[4]" "conventions:3" "&E"
423            "Hypothetical Syllogism" "→I" "df-rules-formulas[3]")
424lemmas "Commutativity of ≡" = "oth-class-taut:2:e"
425AOT_theorem "oth-class-taut:2:f": (φ  (ψ  χ))  ((φ  ψ)  χ)
426  using "conventions:3"[THEN "df-rules-formulas[4]"]
427        "conventions:3"[THEN "df-rules-formulas[3]"]
428        "→I" "→E" "&E" "&I"
429  by metis
430lemmas "Associativity of ≡" = "oth-class-taut:2:f"
431
432AOT_theorem "oth-class-taut:3:a": φ  φ
433  using "&I" "vdash-properties:6" "if-p-then-p"
434        "df-rules-formulas[4]" "conventions:3" by blast
435AOT_theorem "oth-class-taut:3:b": φ  ¬¬φ
436  using "&I" "useful-tautologies:1" "useful-tautologies:2" "→E"
437        "df-rules-formulas[4]" "conventions:3" by blast
438AOT_theorem "oth-class-taut:3:c": ¬(φ  ¬φ)
439  by (metis "&E" "→E" RAA "df-rules-formulas[3]" "conventions:3")
440
441AOT_theorem "oth-class-taut:4:a": (φ  ψ)  ((ψ  χ)  (φ  χ))
442  by (metis "→E" "→I")
443AOT_theorem "oth-class-taut:4:b": (φ  ψ)  (¬φ  ¬ψ)
444  using "conventions:3"[THEN "df-rules-formulas[4]"]
445        "conventions:3"[THEN "df-rules-formulas[3]"]
446        "→I" "→E" "&E" "&I" RAA by metis
447AOT_theorem "oth-class-taut:4:c": (φ  ψ)  ((φ  χ)  (ψ  χ))
448  using "conventions:3"[THEN "df-rules-formulas[4]"]
449        "conventions:3"[THEN "df-rules-formulas[3]"]
450        "→I" "→E" "&E" "&I" by metis
451AOT_theorem "oth-class-taut:4:d": (φ  ψ)  ((χ  φ)  (χ  ψ))
452  using "conventions:3"[THEN "df-rules-formulas[4]"]
453        "conventions:3"[THEN "df-rules-formulas[3]"]
454        "→I" "→E" "&E" "&I" by metis
455AOT_theorem "oth-class-taut:4:e": (φ  ψ)  ((φ & χ)  (ψ & χ))
456  using "conventions:3"[THEN "df-rules-formulas[4]"]
457        "conventions:3"[THEN "df-rules-formulas[3]"]
458        "→I" "→E" "&E" "&I" by metis
459AOT_theorem "oth-class-taut:4:f": (φ  ψ)  ((χ & φ)  (χ & ψ))
460  using "conventions:3"[THEN "df-rules-formulas[4]"]
461        "conventions:3"[THEN "df-rules-formulas[3]"]
462        "→I" "→E" "&E" "&I" by metis
463AOT_theorem "oth-class-taut:4:g": (φ  ψ)  ((φ & ψ)  (¬φ & ¬ψ))
464proof(safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]
465                   "&I" "→I"
466           dest!: "conventions:3"[THEN "df-rules-formulas[3]", THEN "→E"])
467  AOT_show φ & ψ  (¬φ & ¬ψ) if (φ  ψ) & (ψ  φ)
468    using "&E" "∨I" "→E" "&I" "raa-cor:1" "→I" "∨E" that by metis
469next
470  AOT_show ψ if φ & ψ  (¬φ & ¬ψ) and φ
471    using that "∨E" "&E" "raa-cor:3" by blast
472next
473  AOT_show φ if φ & ψ  (¬φ & ¬ψ) and ψ
474    using that "∨E" "&E" "raa-cor:3" by blast
475qed
476AOT_theorem "oth-class-taut:4:h": ¬(φ  ψ)  ((φ & ¬ψ)  (¬φ & ψ))
477proof (safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]
478                    "&I" "→I")
479  AOT_show φ & ¬ψ  (¬φ & ψ) if ¬(φ  ψ)
480    by (metis that "&I" "∨I"(1, 2) "→I" MT(1) "df-rules-formulas[4]"
481              "raa-cor:3" "conventions:3")
482next
483  AOT_show ¬(φ  ψ) if φ & ¬ψ  (¬φ & ψ)
484    by (metis that "&E" "∨E"(2) "→E" "df-rules-formulas[3]"
485              "raa-cor:3" "conventions:3")
486qed
487AOT_theorem "oth-class-taut:5:a": (φ & ψ)  ¬(¬φ  ¬ψ)
488  using "conventions:3"[THEN "df-rules-formulas[4]"]
489        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
490AOT_theorem "oth-class-taut:5:b": (φ  ψ)  ¬(¬φ & ¬ψ)
491  using "conventions:3"[THEN "df-rules-formulas[4]"]
492        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
493AOT_theorem "oth-class-taut:5:c": ¬(φ & ψ)  (¬φ  ¬ψ)
494  using "conventions:3"[THEN "df-rules-formulas[4]"]
495        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
496AOT_theorem "oth-class-taut:5:d": ¬(φ  ψ)  (¬φ & ¬ψ)
497  using "conventions:3"[THEN "df-rules-formulas[4]"]
498        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
499
500lemmas DeMorgan = "oth-class-taut:5:c" "oth-class-taut:5:d"
501
502AOT_theorem "oth-class-taut:6:a":
503  (φ & (ψ  χ))  ((φ & ψ)  (φ & χ))
504  using "conventions:3"[THEN "df-rules-formulas[4]"]
505        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
506AOT_theorem "oth-class-taut:6:b":
507  (φ  (ψ & χ))  ((φ  ψ) & (φ  χ))
508  using "conventions:3"[THEN "df-rules-formulas[4]"]
509        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
510
511AOT_theorem "oth-class-taut:7:a": ((φ & ψ)  χ)  (φ  (ψ  χ))
512  by (metis "&I" "→E" "→I")
513lemmas Exportation = "oth-class-taut:7:a"
514AOT_theorem "oth-class-taut:7:b": (φ  (ψ χ))  ((φ & ψ)  χ)
515  by (metis "&E" "→E" "→I")
516lemmas Importation = "oth-class-taut:7:b"
517
518AOT_theorem "oth-class-taut:8:a":
519  (φ  (ψ  χ))  (ψ  (φ  χ))
520  using "conventions:3"[THEN "df-rules-formulas[4]"] "→I" "→E" "&E" "&I"
521  by metis
522lemmas Permutation = "oth-class-taut:8:a"
523AOT_theorem "oth-class-taut:8:b":
524  (φ  ψ)  ((φ  χ)  (φ  (ψ & χ)))
525  by (metis "&I" "→E" "→I")
526lemmas Composition = "oth-class-taut:8:b"
527AOT_theorem "oth-class-taut:8:c":
528  (φ  χ)  ((ψ  χ)  ((φ  ψ)  χ))
529  by (metis "∨E"(2) "→E" "→I" RAA(1))
530AOT_theorem "oth-class-taut:8:d":
531  ((φ  ψ) & (χ  Θ))  ((φ & χ)  (ψ & Θ))
532  by (metis "&E" "&I" "→E" "→I")
533lemmas "Double Composition" = "oth-class-taut:8:d"
534AOT_theorem "oth-class-taut:8:e":
535  ((φ & ψ)  (φ & χ))  (φ  (ψ  χ))
536  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
537            "conventions:3"[THEN "df-rules-formulas[3]"]
538            "→I" "→E" "&E" "&I")
539AOT_theorem "oth-class-taut:8:f":
540  ((φ & ψ)  (χ & ψ))  (ψ  (φ  χ))
541  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
542            "conventions:3"[THEN "df-rules-formulas[3]"]
543            "→I" "→E" "&E" "&I")
544AOT_theorem "oth-class-taut:8:g":
545  (ψ  χ)  ((φ  ψ)  (φ  χ))
546  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
547            "conventions:3"[THEN "df-rules-formulas[3]"]
548            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
549AOT_theorem "oth-class-taut:8:h":
550  (ψ  χ)  ((ψ  φ)  (χ  φ))
551  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
552            "conventions:3"[THEN "df-rules-formulas[3]"]
553            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
554AOT_theorem "oth-class-taut:8:i":
555  (φ  (ψ & χ))  (ψ  (φ  χ))
556  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
557            "conventions:3"[THEN "df-rules-formulas[3]"]
558            "→I" "→E" "&E" "&I")
559
560AOT_theorem "intro-elim:1":
561  assumes φ  ψ and φ  χ and ψ  Θ
562  shows χ  Θ
563  by (metis assms "∨I"(1, 2) "∨E"(1) "→I" "→E" "&E"(1)
564            "conventions:3"[THEN "df-rules-formulas[3]"])
565
566AOT_theorem "intro-elim:2":
567  assumes φ  ψ and ψ  φ
568  shows φ  ψ
569  by (meson "&I" "conventions:3" "df-rules-formulas[4]" MP assms)
570lemmas "≡I" = "intro-elim:2"
571
572AOT_theorem "intro-elim:3:a":
573  assumes φ  ψ and φ
574  shows ψ
575  by (metis "∨I"(1) "→I" "∨E"(1) "intro-elim:1" assms)
576AOT_theorem "intro-elim:3:b":
577  assumes φ  ψ and ψ
578  shows φ
579  using "intro-elim:3:a" "Commutativity of ≡" assms by blast
580AOT_theorem "intro-elim:3:c":
581  assumes φ  ψ and ¬φ
582  shows ¬ψ
583  using "intro-elim:3:b" "raa-cor:3" assms by blast
584AOT_theorem "intro-elim:3:d":
585  assumes φ  ψ and ¬ψ
586  shows ¬φ
587  using "intro-elim:3:a" "raa-cor:3" assms by blast
588AOT_theorem "intro-elim:3:e":
589  assumes φ  ψ and ψ  χ
590  shows φ  χ
591  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
592declare "intro-elim:3:e"[trans]
593AOT_theorem "intro-elim:3:f":
594  assumes φ  ψ and φ  χ
595  shows χ  ψ
596  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
597lemmas "≡E" = "intro-elim:3:a" "intro-elim:3:b" "intro-elim:3:c"
598              "intro-elim:3:d" "intro-elim:3:e" "intro-elim:3:f"
599
600declare "Commutativity of ≡"[THEN "≡E"(1), sym]
601
602AOT_theorem "rule-eq-df:1":
603  assumes φ df ψ
604  shows φ  ψ
605  by (simp add: "≡I" "df-rules-formulas[3]" "df-rules-formulas[4]" assms)
606lemmas "≡Df" = "rule-eq-df:1"
607AOT_theorem "rule-eq-df:2":
608  assumes φ df ψ and φ
609  shows ψ
610  using "≡Df" "≡E"(1) assms by blast
611lemmas "≡dfE" = "rule-eq-df:2"
612AOT_theorem "rule-eq-df:3":
613  assumes φ df ψ and ψ
614  shows φ
615  using "≡Df" "≡E"(2) assms by blast
616lemmas "≡dfI" = "rule-eq-df:3"
617
618AOT_theorem  "df-simplify:1":
619  assumes φ  (ψ & χ) and ψ
620  shows φ  χ
621  by (metis "&E"(2) "&I" "≡E"(1, 2) "≡I" "→I" assms)
622(* Note: this is a slight variation from PLM *)
623AOT_theorem  "df-simplify:2":
624  assumes φ  (ψ & χ) and χ
625  shows φ  ψ
626  by (metis "&E"(1) "&I" "≡E"(1, 2) "≡I" "→I" assms)
627lemmas "≡S" = "df-simplify:1"  "df-simplify:2"
628
629subsection‹The Theory of Quantification›
630text‹\label{PLM: 9.6}›
631
632AOT_theorem "rule-ui:1":
633  assumes α φ{α} and τ
634  shows φ{τ}
635  using "→E" "cqt:1"[axiom_inst] assms by blast
636AOT_theorem "rule-ui:2[const_var]":
637  assumes α φ{α}
638  shows φ{β}
639  by (simp add: "rule-ui:1" "cqt:2[const_var]"[axiom_inst] assms)
640AOT_theorem "rule-ui:2[lambda]":
641  assumes F φ{F} and INSTANCE_OF_CQT_2(ψ)
642  shows φ{ν1...νn ψ{ν1...νn}]}
643  by (simp add: "rule-ui:1" "cqt:2[lambda]"[axiom_inst] assms)
644AOT_theorem "rule-ui:3":
645  assumes α φ{α}
646  shows φ{α}
647  by (simp add: "rule-ui:2[const_var]" assms)
648lemmas "∀E" = "rule-ui:1" "rule-ui:2[const_var]"
649              "rule-ui:2[lambda]" "rule-ui:3"
650
651AOT_theorem "cqt-orig:1[const_var]": α φ{α}  φ{β}
652  by (simp add: "∀E"(2) "→I")
653AOT_theorem "cqt-orig:1[lambda]":
654  assumes INSTANCE_OF_CQT_2(ψ)
655  shows F φ{F}  φ{ν1...νn ψ{ν1...νn}]}
656  by (simp add: "∀E"(3) "→I" assms)
657AOT_theorem "cqt-orig:2": α (φ  ψ{α})  (φ  α ψ{α})
658  by (metis "→I" GEN "vdash-properties:6" "∀E"(4))
659AOT_theorem "cqt-orig:3": α φ{α}  φ{α}
660  using "cqt-orig:1[const_var]".
661
662AOT_theorem universal:
663  assumes for arbitrary β: φ{β}
664  shows α φ{α}
665  using GEN assms .
666lemmas "∀I" = universal
667
668(* Generalized mechanism for "∀I" followed by ∀E *)
669ML670fun get_instantiated_allI ctxt varname thm = let
671val trm = Thm.concl_of thm
672val trm =
673  case trm of (@{const Trueprop} $ (@{const AOT_model_valid_in} $ _ $ x)) => x
674  | _ => raise Term.TERM ("Expected simple theorem.", [trm])
675fun extractVars (Const (const_name‹AOT_term_of_var›, _) $ Var v) =
676    (* TODO: better handling of indices *)
677    (if fst (fst v) = fst varname then [Var v] else [])
678  | extractVars (t1 $ t2) = extractVars t1 @ extractVars t2
679  | extractVars (Abs (_, _, t)) = extractVars t
680  | extractVars _ = []
681val vars = extractVars trm
682val vars = fold Term.add_vars vars []
683val var = hd vars
684val trmty =
685  case (snd var) of (Type (type_name‹AOT_var›, [t])) => (t)
686  | _ => raise Term.TYPE ("Expected variable type.", [snd var], [Var var])
687val trm = Abs (Term.string_of_vname (fst var), trmty, Term.abstract_over (
688      Const (const_name‹AOT_term_of_var›, Type ("fun", [snd var, trmty]))
689       $ Var var, trm))
690val trm = Thm.cterm_of (Context.proof_of ctxt) trm
691val ty = hd (Term.add_tvars (Thm.prop_of @{thm "∀I"}) [])
692val typ = Thm.ctyp_of (Context.proof_of ctxt) trmty
693fun TVars_make x = x (* Next Isabelle release: = TVars.make x *)
694val TVars_empty = [] (* Next Isabelle release: = TVars.empty *)
695fun Vars_make x = x (* Next Isabelle release: = Vars.make x *)
696val Vars_empty = [] (* Next Isabelle release: = Vars.empty *)
697val allthm = Drule.instantiate_normalize (TVars_make [(ty, typ)],Vars_empty) @{thm "∀I"}
698val phi = hd (Term.add_vars (Thm.prop_of allthm) [])
699val allthm = Drule.instantiate_normalize (TVars_empty, Vars_make [(phi,trm)]) allthm
700in
701allthm
702end
703
704
705attribute_setup "∀I" =
706  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
707  (fn ctxt => fn thm => fold (fn arg => fn thm =>
708    thm RS get_instantiated_allI ctxt arg thm) args thm))
709  "Quantify over a variable in a theorem using GEN."
710
711attribute_setup "unvarify" =
712  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
713  (fn ctxt => fn thm =>
714    let
715      fun get_inst_allI arg thm = thm RS get_instantiated_allI ctxt arg thm
716      val thm = fold get_inst_allI args thm
717      val thm = fold (K (fn thm => thm RS @{thm "∀E"(1)})) args thm
718    in
719     thm
720    end))
721  "Generalize a statement about variables to a statement about denoting terms."
722
723(* Note: rereplace-lem does not apply to the embedding *)
724
725AOT_theorem "cqt-basic:1": αβ φ{α,β}  βα φ{α,β}
726  by (metis "≡I" "∀E"(2) "∀I" "→I")
727
728AOT_theorem "cqt-basic:2":
729  α(φ{α}  ψ{α})  (α(φ{α}  ψ{α}) & α(ψ{α}  φ{α}))
730proof (rule "≡I"; rule "→I")
731  AOT_assume α(φ{α}  ψ{α})
732  AOT_hence φ{α}  ψ{α} for α using "∀E"(2) by blast
733  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
734    using "≡E"(1,2) "→I" by blast+
735  AOT_thus α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
736    by (auto intro: "&I" "∀I")
737next
738  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
739  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
740    using "∀E"(2) "&E" by blast+
741  AOT_hence φ{α}  ψ{α} for α
742    using "≡I" by blast
743  AOT_thus α(φ{α}  ψ{α}) by (auto intro: "∀I")
744qed
745
746AOT_theorem "cqt-basic:3": α(φ{α}  ψ{α})  (α φ{α}  α ψ{α})
747proof(rule "→I")
748  AOT_assume α(φ{α}  ψ{α})
749  AOT_hence 1: φ{α}  ψ{α} for α using "∀E"(2) by blast
750  {
751    AOT_assume α φ{α}
752    AOT_hence α ψ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
753  }
754  moreover {
755    AOT_assume α ψ{α}
756    AOT_hence α φ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
757  }
758  ultimately AOT_show α φ{α}  α ψ{α}
759    using "≡I" "→I" by auto
760qed
761
762AOT_theorem "cqt-basic:4": α(φ{α} & ψ{α})  (α φ{α} & α ψ{α})
763proof(rule "→I")
764  AOT_assume 0: α(φ{α} & ψ{α})
765  AOT_have φ{α} and ψ{α} for α using "∀E"(2) 0 "&E" by blast+
766  AOT_thus α φ{α} & α ψ{α}
767    by (auto intro: "∀I" "&I")
768qed
769
770AOT_theorem "cqt-basic:5": (α1...∀αn(φ{α1...αn}))  φ{α1...αn}
771  using "cqt-orig:3" by blast
772
773AOT_theorem "cqt-basic:6": αα φ{α}  α φ{α}
774  by (meson "≡I" "→I" GEN "cqt-orig:1[const_var]")
775
776AOT_theorem "cqt-basic:7": (φ  α ψ{α})  α(φ  ψ{α})
777  by (metis "→I" "vdash-properties:6" "rule-ui:3" "≡I" GEN)
778
779AOT_theorem "cqt-basic:8": (α φ{α}  α ψ{α})  α (φ{α}  ψ{α})
780  by (simp add: "∨I"(3) "→I" GEN "cqt-orig:1[const_var]")
781
782AOT_theorem "cqt-basic:9":
783  (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α(φ{α}  χ{α})
784proof -
785  {
786    AOT_assume α (φ{α}  ψ{α})
787    moreover AOT_assume α (ψ{α}  χ{α})
788    ultimately AOT_have φ{α}  ψ{α} and ψ{α}  χ{α} for α
789      using "∀E" by blast+
790    AOT_hence φ{α}  χ{α} for α by (metis "→E" "→I")
791    AOT_hence α(φ{α}  χ{α}) using "∀I" by fast
792  }
793  thus ?thesis using "&I" "→I" "&E" by meson
794qed
795
796AOT_theorem "cqt-basic:10":
797  (α(φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α (φ{α}  χ{α})
798proof(rule "→I"; rule "∀I")
799  fix β
800  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  χ{α})
801  AOT_hence φ{β}  ψ{β} and ψ{β}  χ{β} using "&E" "∀E" by blast+
802  AOT_thus φ{β}  χ{β} using "≡I" "≡E" by blast
803qed
804
805AOT_theorem "cqt-basic:11": α(φ{α}  ψ{α})  α (ψ{α}  φ{α})
806proof (rule "≡I"; rule "→I")
807  AOT_assume 0: α(φ{α}  ψ{α})
808  {
809    fix α
810    AOT_have φ{α}  ψ{α} using 0 "∀E" by blast
811    AOT_hence ψ{α}  φ{α} using "≡I" "≡E" "→I" "→E" by metis
812  }
813  AOT_thus α(ψ{α}  φ{α}) using "∀I" by fast
814next
815  AOT_assume 0: α(ψ{α}  φ{α})
816  {
817    fix α
818    AOT_have ψ{α}  φ{α} using 0 "∀E" by blast
819    AOT_hence φ{α}  ψ{α} using "≡I" "≡E" "→I" "→E" by metis
820  }
821  AOT_thus α(φ{α}  ψ{α}) using "∀I" by fast
822qed
823
824AOT_theorem "cqt-basic:12": α φ{α}  α (ψ{α}  φ{α})
825  by (simp add: "∀E"(2) "→I" GEN)
826
827AOT_theorem "cqt-basic:13": α φ{α}  β φ{β}
828  using "≡I" "→I" by blast
829
830AOT_theorem "cqt-basic:14":
831  (α1...∀αn (φ{α1...αn}  ψ{α1...αn})) 
832   ((α1...∀αn φ{α1...αn})  (α1...∀αn ψ{α1...αn}))
833  using "cqt:3"[axiom_inst] by auto
834
835AOT_theorem "cqt-basic:15":
836  (α1...∀αn (φ  ψ{α1...αn}))  (φ  (α1...∀αn ψ{α1...αn}))
837  using "cqt-orig:2" by auto
838
839AOT_theorem "universal-cor":
840  assumes for arbitrary β: φ{β}
841  shows α φ{α}
842  using GEN assms .
843
844AOT_theorem "existential:1":
845  assumes φ{τ} and τ
846  shows α φ{α}
847proof(rule "raa-cor:1")
848  AOT_assume ¬α φ{α}
849  AOT_hence α ¬φ{α}
850    using "≡dfI" "conventions:4" RAA "&I" by blast
851  AOT_hence ¬φ{τ} using assms(2) "∀E"(1) "→E" by blast
852  AOT_thus φ{τ} & ¬φ{τ} using assms(1) "&I" by blast
853qed
854
855AOT_theorem "existential:2[const_var]":
856  assumes φ{β}
857  shows α φ{α}
858  using "existential:1" "cqt:2[const_var]"[axiom_inst] assms by blast
859
860AOT_theorem "existential:2[lambda]":
861  assumes φ{ν1...νn ψ{ν1...νn}]} and INSTANCE_OF_CQT_2(ψ)
862  shows α φ{α}
863  using "existential:1" "cqt:2[lambda]"[axiom_inst] assms by blast
864lemmas "∃I" = "existential:1" "existential:2[const_var]"
865              "existential:2[lambda]" 
866
867AOT_theorem "instantiation":
868  assumes for arbitrary β: φ{β}  ψ and α φ{α}
869  shows ψ
870  by (metis (no_types, lifting) "≡dfE" GEN "raa-cor:3" "conventions:4" assms)
871lemmas "∃E" = "instantiation"
872
873AOT_theorem "cqt-further:1": α φ{α}  α φ{α}
874  using "∀E"(4) "∃I"(2) "→I" by metis
875
876AOT_theorem "cqt-further:2": ¬α φ{α}  α ¬φ{α}
877  using "∀I" "∃I"(2) "→I" RAA by metis
878
879AOT_theorem "cqt-further:3": α φ{α}  ¬α ¬φ{α}
880  using "∀E"(4) "∃E" "→I" RAA
881  by (metis "cqt-further:2" "≡I" "modus-tollens:1")
882
883AOT_theorem "cqt-further:4": ¬α φ{α}  α ¬φ{α}
884  using "∀I" "∃I"(2)"→I" RAA by metis
885
886AOT_theorem "cqt-further:5": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
887  by (metis (no_types, lifting) "&E" "&I" "∃E" "∃I"(2) "→I")
888
889AOT_theorem "cqt-further:6": α (φ{α}  ψ{α})  (α φ{α}  α ψ{α})
890  by (metis (mono_tags, lifting) "∃E" "∃I"(2) "∨E"(3) "∨I"(1, 2) "→I" RAA(2))
891
892(* NOTE: vacuous in the embedding *)
893AOT_theorem "cqt-further:7": α φ{α}  β φ{β}
894  by (simp add: "oth-class-taut:3:a")
895
896AOT_theorem "cqt-further:8":
897  (α φ{α} & α ψ{α})  α (φ{α}  ψ{α})
898  by (metis (mono_tags, lifting) "&E" "≡I" "∀E"(2) "→I" GEN)
899
900AOT_theorem "cqt-further:9":
901  (¬α φ{α} & ¬α ψ{α})  α (φ{α}  ψ{α})
902  by (metis (mono_tags, lifting) "&E" "≡I" "∃I"(2) "→I" GEN "raa-cor:4")
903
904AOT_theorem "cqt-further:10":
905  (α φ{α} & ¬α ψ{α})  ¬α (φ{α}  ψ{α})
906proof(rule "→I"; rule "raa-cor:2")
907  AOT_assume 0: α φ{α} & ¬α ψ{α}
908  then AOT_obtain α where φ{α} using "∃E" "&E"(1) by metis
909  moreover AOT_assume α (φ{α}  ψ{α})
910  ultimately AOT_have ψ{α} using "∀E"(4) "≡E"(1) by blast
911  AOT_hence α ψ{α} using "∃I" by blast
912  AOT_thus α ψ{α} & ¬α ψ{α} using 0 "&E"(2) "&I" by blast
913qed
914
915AOT_theorem "cqt-further:11": αβ φ{α,β}  βα φ{α,β}
916  using "≡I" "→I" "∃I"(2) "∃E" by metis
917
918subsection‹Logical Existence, Identity, and Truth›
919text‹\label{PLM: 9.7}›
920
921AOT_theorem "log-prop-prop:1":  φ]
922  using "cqt:2[lambda0]"[axiom_inst] by auto
923
924AOT_theorem "log-prop-prop:2": φ
925  by (rule "≡dfI"[OF "existence:3"]) "cqt:2[lambda]"
926
927AOT_theorem "exist-nec": τ  τ
928proof -
929  AOT_have β β
930    by (simp add: GEN RN "cqt:2[const_var]"[axiom_inst])
931  AOT_thus τ  τ
932    using "cqt:1"[axiom_inst] "→E" by blast
933qed
934
935(* TODO: replace this mechanism by a "proof by types" command *)
936class AOT_Term_id = AOT_Term +
937  assumes "t=t-proper:1"[AOT]: [v  τ = τ'  τ]
938      and "t=t-proper:2"[AOT]: [v  τ = τ'  τ']
939
940instance κ :: AOT_Term_id
941proof
942  AOT_modally_strict {
943    AOT_show κ = κ'  κ for κ κ'
944    proof(rule "→I")
945      AOT_assume κ = κ'
946      AOT_hence O!κ  A!κ
947        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
948           (meson "→I" "∨I"(1) "&E"(1))+
949      AOT_thus κ
950        by (rule "∨E"(1))
951           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
952    qed
953  }
954next
955  AOT_modally_strict {
956    AOT_show κ = κ'  κ' for κ κ'
957    proof(rule "→I")
958      AOT_assume κ = κ'
959      AOT_hence O!κ'  A!κ'
960        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
961           (meson "→I" "∨I" "&E")+
962      AOT_thus κ'
963        by (rule "∨E"(1))
964           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
965    qed
966  }
967qed
968
969instance rel :: (AOT_κs) AOT_Term_id
970proof
971  AOT_modally_strict {
972    AOT_show Π = Π'  Π for Π Π' :: <'a>
973    proof(rule "→I")
974      AOT_assume Π = Π'
975      AOT_thus Π using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
976    qed
977  }
978next
979  AOT_modally_strict {
980    AOT_show Π = Π'  Π' for Π Π' :: <'a>
981    proof(rule "→I")
982      AOT_assume Π = Π'
983      AOT_thus Π' using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
984    qed
985  }
986qed
987
988instance 𝗈 :: AOT_Term_id
989proof
990  AOT_modally_strict {
991    fix φ ψ
992    AOT_show φ = ψ  φ
993    proof(rule "→I")
994      AOT_assume φ = ψ
995      AOT_thus φ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
996    qed
997  }
998next
999  AOT_modally_strict {
1000    fix φ ψ
1001    AOT_show φ = ψ  ψ
1002    proof(rule "→I")
1003      AOT_assume φ = ψ
1004      AOT_thus ψ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
1005    qed
1006  }
1007qed
1008
1009instance prod :: (AOT_Term_id, AOT_Term_id) AOT_Term_id
1010proof
1011  AOT_modally_strict {
1012    fix τ τ' :: 'a×'b
1013    AOT_show τ = τ'  τ
1014    proof (induct τ; induct τ'; rule "→I")
1015      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
1016      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
1017      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
1018      AOT_hence τ1 and τ2
1019        using "t=t-proper:1" "&E" "vdash-properties:10" by blast+
1020      AOT_thus «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_denotes)
1021    qed
1022  }
1023next
1024  AOT_modally_strict {
1025    fix τ τ' :: 'a×'b
1026    AOT_show τ = τ'  τ'
1027    proof (induct τ; induct τ'; rule "→I")
1028      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
1029      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
1030      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
1031      AOT_hence τ1' and τ2'
1032        using "t=t-proper:2" "&E" "vdash-properties:10" by blast+
1033      AOT_thus «(τ1', τ2')» by (metis "≡dfI" "&I" tuple_denotes)
1034    qed
1035  }
1036qed
1037
1038(* This is the end of the "proof by types" and
1039   makes the results available on new theorems *)
1040AOT_register_type_constraints
1041  Term: _::AOT_Term_id› _::AOT_Term_id›
1042AOT_register_type_constraints
1043  Individual: ‹κ› _::{AOT_κs, AOT_Term_id}
1044AOT_register_type_constraints
1045  Relation: <_::{AOT_κs, AOT_Term_id}>
1046
1047AOT_theorem "id-rel-nec-equiv:1":
1048  Π = Π'  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1049proof(rule "→I")
1050  AOT_assume assumption: Π = Π'
1051  AOT_hence Π and Π'
1052    using "t=t-proper:1" "t=t-proper:2" MP by blast+
1053  moreover AOT_have FG (F = G  ((x1...∀xn ([F]x1...xn  [F]x1...xn)) 
1054                                     x1...∀xn ([F]x1...xn  [G]x1...xn)))
1055    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
1056  ultimately AOT_have Π = Π'  ((x1...∀xn ([Π]x1...xn  [Π]x1...xn)) 
1057                                   x1...∀xn ([Π]x1...xn  [Π']x1...xn))
1058    using "∀E"(1) by blast
1059  AOT_hence (x1...∀xn ([Π]x1...xn  [Π]x1...xn)) 
1060             x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1061    using assumption "→E" by blast
1062  moreover AOT_have x1...∀xn ([Π]x1...xn  [Π]x1...xn)
1063    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
1064  ultimately AOT_show x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1065    using "→E" by blast
1066qed
1067
1068AOT_theorem "id-rel-nec-equiv:2": φ = ψ  (φ  ψ)
1069proof(rule "→I")
1070  AOT_assume assumption: φ = ψ
1071  AOT_hence φ and ψ
1072    using "t=t-proper:1" "t=t-proper:2" MP by blast+
1073  moreover AOT_have pq (p = q  (((p  p)  (p  q))))
1074    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
1075  ultimately AOT_have φ = ψ  ((φ  φ)  (φ  ψ))
1076    using "∀E"(1) by blast
1077  AOT_hence (φ  φ)  (φ  ψ)
1078    using assumption "→E" by blast
1079  moreover AOT_have (φ  φ)
1080    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
1081  ultimately AOT_show (φ  ψ)
1082    using "→E" by blast
1083qed
1084
1085AOT_theorem "rule=E":
1086  assumes φ{τ} and τ = σ
1087  shows φ{σ}
1088proof -
1089  AOT_have τ and σ
1090    using assms(2) "t=t-proper:1" "t=t-proper:2" "→E" by blast+
1091  moreover AOT_have αβ(α = β  (φ{α}  φ{β}))
1092    apply (rule GEN)+ using "l-identity"[axiom_inst] by blast
1093  ultimately AOT_have τ = σ  (φ{τ}  φ{σ})
1094    using "∀E"(1) by blast
1095  AOT_thus φ{σ} using assms "→E" by blast
1096qed
1097
1098AOT_theorem "propositions-lemma:1":  φ] = φ
1099proof -
1100  AOT_have φ by (simp add: "log-prop-prop:2")
1101  moreover AOT_have p  p] = p
1102    using "lambda-predicates:3[zero]"[axiom_inst] "∀I" by fast
1103  ultimately AOT_show  φ] = φ
1104    using "∀E" by blast
1105qed
1106
1107AOT_theorem "propositions-lemma:2":  φ]  φ
1108proof -
1109  AOT_have  φ]   φ] by (simp add: "oth-class-taut:3:a")
1110  AOT_thus  φ]  φ using "propositions-lemma:1" "rule=E" by blast
1111qed
1112
1113(* propositions-lemma:3 through propositions-lemma:5 do not apply *)
1114
1115AOT_theorem "propositions-lemma:6": (φ  ψ)  ( φ]   ψ])
1116  by (metis "≡E"(1) "≡E"(5) "Associativity of ≡" "propositions-lemma:2")
1117
1118(* dr-alphabetic-rules does not apply *)
1119
1120AOT_theorem "oa-exist:1": O!
1121proof -
1122  AOT_have x [E!]x] by "cqt:2[lambda]"
1123  AOT_hence 1: O! = x [E!]x]
1124    using "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1)] "→E" by blast
1125  AOT_show O! using "t=t-proper:1"[THEN "→E", OF 1] by simp
1126qed
1127
1128AOT_theorem "oa-exist:2": A!
1129proof -
1130  AOT_have x ¬[E!]x] by "cqt:2[lambda]"
1131  AOT_hence 1: A! = x ¬[E!]x]
1132    using "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1)] "→E" by blast
1133  AOT_show A! using "t=t-proper:1"[THEN "→E", OF 1] by simp
1134qed
1135
1136AOT_theorem "oa-exist:3": O!x  A!x
1137proof(rule "raa-cor:1")
1138  AOT_assume ¬(O!x  A!x)
1139  AOT_hence A: ¬O!x and B: ¬A!x
1140    using "Disjunction Addition"(1) "modus-tollens:1"
1141          "∨I"(2) "raa-cor:5" by blast+
1142  AOT_have C: O! = x [E!]x]
1143    by (rule "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1), THEN "→E"]) "cqt:2"
1144  AOT_have D: A! = x ¬[E!]x]
1145    by (rule "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1), THEN "→E"]) "cqt:2"
1146  AOT_have E: ¬x [E!]x]x
1147    using A C "rule=E" by fast
1148  AOT_have F: ¬x ¬[E!]x]x
1149    using B D "rule=E" by fast
1150  AOT_have G: x [E!]x]x  [E!]x
1151    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
1152  AOT_have H: x ¬[E!]x]x  ¬[E!]x
1153    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
1154  AOT_show ¬[E!]x & ¬¬[E!]x using G E "≡E" H F "≡E" "&I" by metis
1155qed
1156
1157AOT_theorem "p-identity-thm2:1": F = G  x(x[F]  x[G])
1158proof -
1159  AOT_have F = G  F & G & x(x[F]  x[G])
1160    using "identity:2" "df-rules-formulas[3]" "df-rules-formulas[4]"
1161          "→E" "&E" "≡I" "→I" by blast
1162  moreover AOT_have F and G
1163    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1164  ultimately AOT_show F = G  x(x[F]  x[G])
1165    using "≡S"(1) "&I" by blast
1166qed
1167
1168AOT_theorem "p-identity-thm2:2[2]":
1169  F = G  y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
1170proof -
1171  AOT_have F = G  F & G &
1172              y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
1173    using "identity:3[2]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1174          "→E" "&E" "≡I" "→I" by blast
1175  moreover AOT_have F and G
1176    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1177  ultimately show ?thesis
1178    using "≡S"(1) "&I" by blast
1179qed
1180    
1181AOT_theorem "p-identity-thm2:2[3]":
1182  F = G  y1y2(x [F]xy1y2] = x [G]xy1y2] &
1183                  x [F]y1xy2] = x [G]y1xy2] &
1184                  x [F]y1y2x] = x [G]y1y2x])
1185proof -
1186  AOT_have F = G  F & G & y1y2(x [F]xy1y2] = x [G]xy1y2] &
1187                                     x [F]y1xy2] = x [G]y1xy2] &
1188                                     x [F]y1y2x] = x [G]y1y2x])
1189    using "identity:3[3]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1190          "→E" "&E" "≡I" "→I" by blast
1191  moreover AOT_have F and G
1192    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1193  ultimately show ?thesis
1194    using "≡S"(1) "&I" by blast
1195qed
1196
1197AOT_theorem "p-identity-thm2:2[4]":
1198  F = G  y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] &
1199                     x [F]y1xy2y3] = x [G]y1xy2y3] &
1200                     x [F]y1y2xy3] = x [G]y1y2xy3] &
1201                     x [F]y1y2y3x] = x [G]y1y2y3x])
1202proof -
1203  AOT_have F = G  F & G & y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] &
1204                                        x [F]y1xy2y3] = x [G]y1xy2y3] &
1205                                        x [F]y1y2xy3] = x [G]y1y2xy3] &
1206                                        x [F]y1y2y3x] = x [G]y1y2y3x])
1207    using "identity:3[4]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1208          "→E" "&E" "≡I" "→I" by blast
1209  moreover AOT_have F and G
1210    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1211  ultimately show ?thesis
1212    using "≡S"(1) "&I" by blast
1213qed
1214
1215AOT_theorem "p-identity-thm2:2":
1216  F = G  x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
1217proof -
1218  AOT_have F = G  F & G &
1219              x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
1220    using "identity:3" "df-rules-formulas[3]" "df-rules-formulas[4]"
1221          "→E" "&E" "≡I" "→I" by blast
1222  moreover AOT_have F and G
1223    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1224  ultimately show ?thesis
1225    using "≡S"(1) "&I" by blast
1226qed
1227
1228AOT_theorem "p-identity-thm2:3":
1229  p = q  x p] = x q]
1230proof -
1231  AOT_have p = q  p & q & x p] = x q]
1232    using "identity:4" "df-rules-formulas[3]" "df-rules-formulas[4]"
1233          "→E" "&E" "≡I" "→I" by blast
1234  moreover AOT_have p and q
1235    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1236  ultimately show ?thesis
1237    using "≡S"(1) "&I" by blast
1238qed
1239
1240class AOT_Term_id_2 = AOT_Term_id + assumes "id-eq:1": [v  α = α]
1241
1242instance κ :: AOT_Term_id_2
1243proof
1244  AOT_modally_strict {
1245    fix x
1246    {
1247      AOT_assume O!x
1248      moreover AOT_have F([F]x  [F]x)
1249        using RN GEN "oth-class-taut:3:a" by fast
1250      ultimately AOT_have O!x & O!x & F([F]x  [F]x) using "&I" by simp
1251    }
1252    moreover {
1253      AOT_assume A!x
1254      moreover AOT_have F(x[F]  x[F])
1255        using RN GEN "oth-class-taut:3:a" by fast
1256      ultimately AOT_have A!x & A!x & F(x[F]  x[F]) using "&I" by simp
1257    }
1258    ultimately AOT_have (O!x & O!x & F([F]x  [F]x)) 
1259                         (A!x & A!x & F(x[F]  x[F]))
1260      using "oa-exist:3" "∨I"(1) "∨I"(2) "∨E"(3) "raa-cor:1" by blast
1261    AOT_thus x = x
1262      using "identity:1"[THEN "df-rules-formulas[4]"] "→E" by blast
1263  }
1264qed
1265
1266instance rel :: ("{AOT_κs,AOT_Term_id_2}") AOT_Term_id_2
1267proof
1268  AOT_modally_strict {
1269    fix F :: "<'a> AOT_var"
1270    AOT_have 0: x1...xn [F]x1...xn] = F
1271      by (simp add: "lambda-predicates:3"[axiom_inst])
1272    AOT_have x1...xn [F]x1...xn]
1273      by "cqt:2[lambda]"
1274    AOT_hence x1...xn [F]x1...xn] = x1...xn [F]x1...xn]
1275      using "lambda-predicates:1"[axiom_inst] "→E" by blast
1276    AOT_show F = F using "rule=E" 0 by force 
1277  }
1278qed
1279
1280instance 𝗈 :: AOT_Term_id_2
1281proof
1282  AOT_modally_strict {
1283    fix p
1284    AOT_have 0:  p] = p
1285      by (simp add: "lambda-predicates:3[zero]"[axiom_inst])
1286    AOT_have  p]
1287      by (rule "cqt:2[lambda0]"[axiom_inst])
1288    AOT_hence  p] =  p]
1289      using "lambda-predicates:1[zero]"[axiom_inst] "→E" by blast
1290    AOT_show p = p using "rule=E" 0 by force
1291  }
1292qed
1293
1294instance prod :: (AOT_Term_id_2, AOT_Term_id_2) AOT_Term_id_2
1295proof
1296  AOT_modally_strict {
1297    fix α :: ('a×'b) AOT_var›
1298    AOT_show α = α
1299    proof (induct)
1300      AOT_show τ = τ if τ for τ :: 'a×'b
1301        using that
1302      proof (induct τ)
1303        fix τ1 :: 'a and τ2 :: 'b
1304        AOT_assume «(τ1,τ2)»
1305        AOT_hence τ1 and τ2
1306          using "≡dfE" "&E" tuple_denotes by blast+
1307        AOT_hence τ1 = τ1 and τ2 = τ2
1308          using "id-eq:1"[unvarify α] by blast+
1309        AOT_thus «(τ1, τ2)» = «(τ1, τ2)»
1310          by (metis "≡dfI" "&I" tuple_identity_1)
1311      qed
1312    qed
1313  }
1314qed
1315
1316AOT_register_type_constraints
1317  Term: _::AOT_Term_id_2› _::AOT_Term_id_2›
1318AOT_register_type_constraints
1319  Individual: ‹κ› _::{AOT_κs, AOT_Term_id_2}
1320AOT_register_type_constraints
1321  Relation: <_::{AOT_κs, AOT_Term_id_2}>
1322
1323AOT_theorem "id-eq:2": α = β  β = α
1324  by (meson "rule=E" "deduction-theorem")
1325
1326AOT_theorem "id-eq:3": α = β & β = γ  α = γ
1327  using "rule=E" "→I" "&E" by blast
1328
1329AOT_theorem "id-eq:4": α = β  γ (α = γ  β = γ)
1330proof (rule "≡I"; rule "→I")
1331  AOT_assume 0: α = β
1332  AOT_hence 1: β = α using "id-eq:2" "→E" by blast
1333  AOT_show γ (α = γ  β = γ)
1334    by (rule GEN) (metis "≡I" "→I" 0 "1" "rule=E")
1335next
1336  AOT_assume γ (α = γ  β = γ)
1337  AOT_hence α = α  β = α using "∀E"(2) by blast
1338  AOT_hence α = α  β = α using "≡E"(1) "→I" by blast
1339  AOT_hence β = α using "id-eq:1" "→E" by blast
1340  AOT_thus α = β using "id-eq:2" "→E" by blast
1341qed
1342
1343AOT_theorem "rule=I:1":
1344  assumes τ
1345  shows τ = τ
1346proof -
1347  AOT_have α (α = α)
1348    by (rule GEN) (metis "id-eq:1")
1349  AOT_thus τ = τ using assms "∀E" by blast
1350qed
1351
1352AOT_theorem "rule=I:2[const_var]": "α = α"
1353  using "id-eq:1".
1354
1355AOT_theorem "rule=I:2[lambda]":
1356  assumes INSTANCE_OF_CQT_2(φ)
1357  shows "ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]"
1358proof -
1359  AOT_have α (α = α)
1360    by (rule GEN) (metis "id-eq:1")
1361  moreover AOT_have ν1...νn φ{ν1...νn}]
1362    using assms by (rule "cqt:2[lambda]"[axiom_inst])
1363  ultimately AOT_show ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]
1364    using assms "∀E" by blast
1365qed
1366
1367lemmas "=I" = "rule=I:1" "rule=I:2[const_var]" "rule=I:2[lambda]"
1368
1369AOT_theorem "rule-id-df:1":
1370  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn}
1371  shows τ{τ1...τn} = σ{τ1...τn}
1372proof -
1373  AOT_have σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}
1374    using "df-rules-terms[3]" assms(1) "&E" by blast
1375  AOT_thus τ{τ1...τn} = σ{τ1...τn}
1376    using assms(2) "→E" by blast
1377qed
1378
1379AOT_theorem "rule-id-df:1[zero]":
1380  assumes τ =df σ and σ
1381  shows τ = σ
1382proof -
1383  AOT_have σ  τ = σ
1384    using "df-rules-terms[4]" assms(1) "&E" by blast
1385  AOT_thus τ = σ
1386    using assms(2) "→E" by blast
1387qed
1388
1389AOT_theorem "rule-id-df:2:a":
1390  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{τ{τ1...τn}}
1391  shows φ{σ{τ1...τn}}
1392proof -
1393  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1394  AOT_thus φ{σ{τ1...τn}} using assms(3) "rule=E" by blast
1395qed
1396
1397AOT_theorem "rule-id-df:2:a[2]":
1398  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»}
1399    and σ{«(τ1,τ2)»}
1400      and φ{τ{«(τ1,τ2)»}}
1401  shows φ{σ{«(τ1::'a::AOT_Term_id_2,τ2::'b::AOT_Term_id_2)»}}
1402proof -
1403  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1404    using "rule-id-df:1" assms(1,2) by auto
1405  AOT_thus φ{σ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1406qed
1407
1408AOT_theorem "rule-id-df:2:a[zero]":
1409  assumes τ =df σ and σ and φ{τ}
1410  shows φ{σ}
1411proof -
1412  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1413  AOT_thus φ{σ} using assms(3) "rule=E" by blast
1414qed
1415
1416lemmas "=dfE" = "rule-id-df:2:a" "rule-id-df:2:a[zero]"
1417
1418AOT_theorem "rule-id-df:2:b":
1419  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{σ{τ1...τn}}
1420  shows φ{τ{τ1...τn}}
1421proof -
1422  AOT_have τ{τ1...τn} = σ{τ1...τn}
1423    using "rule-id-df:1" assms(1,2) by blast
1424  AOT_hence σ{τ1...τn} = τ{τ1...τn}
1425    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1426  AOT_thus φ{τ{τ1...τn}} using assms(3) "rule=E" by blast
1427qed
1428
1429AOT_theorem "rule-id-df:2:b[2]":
1430  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»}
1431      and σ{«(τ1,τ2)»}
1432      and φ{σ{«(τ1,τ2)»}}
1433  shows φ{τ{«(τ1::'a::AOT_Term_id_2,τ2::'b::AOT_Term_id_2)»}}
1434proof -
1435  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1436    using "=I"(1) "rule-id-df:2:a[2]" RAA(1) assms(1,2) "→I" by metis
1437  AOT_hence σ{«(τ1,τ2)»} = τ{«(τ1,τ2)»}
1438    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1439  AOT_thus φ{τ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1440qed
1441
1442AOT_theorem "rule-id-df:2:b[zero]":
1443  assumes τ =df σ and σ and φ{σ}
1444  shows φ{τ}
1445proof -
1446  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1447  AOT_hence σ = τ
1448    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1449  AOT_thus φ{τ} using assms(3) "rule=E" by blast
1450qed
1451
1452lemmas "=dfI" = "rule-id-df:2:b" "rule-id-df:2:b[zero]"
1453
1454AOT_theorem "free-thms:1": τ  β (β = τ)
1455  by (metis "∃E" "rule=I:1" "t=t-proper:2" "→I" "∃I"(1) "≡I" "→E")
1456
1457AOT_theorem "free-thms:2": α φ{α}  (β (β = τ)  φ{τ})
1458  by (metis "∃E" "rule=E" "cqt:2[const_var]"[axiom_inst] "→I" "∀E"(1))
1459
1460AOT_theorem "free-thms:3[const_var]": β (β = α)
1461  by (meson "∃I"(2) "id-eq:1")
1462
1463AOT_theorem "free-thms:3[lambda]":
1464  assumes INSTANCE_OF_CQT_2(φ)
1465  shows β (β = ν1...νn φ{ν1...νn}])
1466  by (meson "=I"(3) assms "cqt:2[lambda]"[axiom_inst] "existential:1")
1467
1468AOT_theorem "free-thms:4[rel]":
1469  ([Π]κ1...κn  κ1...κn[Π])  β (β = Π)
1470  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst]
1471            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1472
1473AOT_theorem "free-thms:4[vars]":
1474  ([Π]κ1...κn  κ1...κn[Π])  β1...∃βn (β1...βn = κ1...κn)
1475  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst]
1476            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1477
1478AOT_theorem "free-thms:4[1,rel]":
1479  ([Π]κ  κ[Π])  β (β = Π)
1480  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst]
1481            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1482AOT_theorem "free-thms:4[1,1]":
1483  ([Π]κ  κ[Π])  β (β = κ)
1484  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst]
1485            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1486
1487AOT_theorem "free-thms:4[2,rel]":
1488  ([Π]κ1κ2  κ1κ2[Π])  β (β = Π)
1489  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1490            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1491AOT_theorem "free-thms:4[2,1]":
1492  ([Π]κ1κ2  κ1κ2[Π])  β (β = κ1)
1493  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1494            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1495AOT_theorem "free-thms:4[2,2]":
1496  ([Π]κ1κ2  κ1κ2[Π])  β (β = κ2)
1497  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1498            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1499AOT_theorem "free-thms:4[3,rel]":
1500  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = Π)
1501  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1502            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1503AOT_theorem "free-thms:4[3,1]":
1504  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ1)
1505  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1506            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1507AOT_theorem "free-thms:4[3,2]":
1508  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ2)
1509  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1510            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1511AOT_theorem "free-thms:4[3,3]":
1512  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ3)
1513  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1514            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1515AOT_theorem "free-thms:4[4,rel]":
1516  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = Π)
1517  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1518            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1519AOT_theorem "free-thms:4[4,1]":
1520  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ1)
1521  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1522            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1523AOT_theorem "free-thms:4[4,2]":
1524  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ2)
1525  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1526            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1527AOT_theorem "free-thms:4[4,3]":
1528  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ3)
1529  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1530            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1531AOT_theorem "free-thms:4[4,4]":
1532  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ4)
1533  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1534            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1535
1536AOT_theorem "ex:1:a": α α
1537  by (rule GEN) (fact "cqt:2[const_var]"[axiom_inst])
1538AOT_theorem "ex:1:b": αβ(β = α)
1539  by (rule GEN) (fact "free-thms:3[const_var]")
1540
1541AOT_theorem "ex:2:a": α
1542  by (rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1543AOT_theorem "ex:2:b": β(β = α)
1544  by (rule RN) (fact "free-thms:3[const_var]")
1545
1546AOT_theorem "ex:3:a": α α
1547  by (rule RN) (fact "ex:1:a")
1548AOT_theorem "ex:3:b": αβ(β = α)
1549  by (rule RN) (fact "ex:1:b")
1550
1551AOT_theorem "ex:4:a": α α
1552  by (rule GEN; rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1553AOT_theorem "ex:4:b": αβ(β = α)
1554  by (rule GEN; rule RN) (fact "free-thms:3[const_var]")
1555
1556AOT_theorem "ex:5:a": α α
1557  by (rule RN) (simp add: "ex:4:a")
1558AOT_theorem "ex:5:b": αβ(β = α)
1559  by (rule RN) (simp add: "ex:4:b")
1560
1561AOT_theorem "all-self=:1": α(α = α)
1562  by (rule RN; rule GEN) (fact "id-eq:1")
1563AOT_theorem "all-self=:2": α(α = α)
1564  by (rule GEN; rule RN) (fact "id-eq:1")
1565
1566AOT_theorem "id-nec:1": α = β  (α = β)
1567proof(rule "→I")
1568  AOT_assume α = β
1569  moreover AOT_have (α = α)
1570    by (rule RN) (fact "id-eq:1")
1571  ultimately AOT_show (α = β) using "rule=E" by fast
1572qed
1573
1574AOT_theorem "id-nec:2": τ = σ  (τ = σ)
1575proof(rule "→I")
1576  AOT_assume asm: τ = σ
1577  moreover AOT_have τ
1578    using calculation "t=t-proper:1" "→E" by blast
1579  moreover AOT_have (τ = τ)
1580    using calculation "all-self=:2" "∀E"(1) by blast
1581  ultimately AOT_show (τ = σ) using "rule=E" by fast
1582qed
1583
1584AOT_theorem "term-out:1": φ{α}  β (β = α & φ{β})
1585proof (rule "≡I"; rule "→I")
1586  AOT_assume asm: φ{α}
1587  AOT_show β (β = α & φ{β})
1588    by (rule "∃I"(2)[where β=α]; rule "&I")
1589       (auto simp: "id-eq:1" asm)
1590next
1591  AOT_assume 0: β (β = α & φ{β})
1592  AOT_obtain β where β = α & φ{β}
1593    using "∃E"[rotated, OF 0] by blast
1594  AOT_thus φ{α} using "&E" "rule=E" by blast
1595qed
1596
1597AOT_theorem "term-out:2": τ  (φ{τ}  α(α = τ & φ{α}))
1598proof(rule "→I")
1599  AOT_assume τ
1600  moreover AOT_have α (φ{α}  β (β = α & φ{β}))
1601    by (rule GEN) (fact "term-out:1")
1602  ultimately AOT_show φ{τ}  α(α = τ & φ{α})
1603    using "∀E" by blast
1604qed
1605
1606AOT_theorem "term-out:3":
1607  (φ{α} & β(φ{β}  β = α))  β(φ{β}  β = α)
1608  apply (rule "≡I"; rule "→I")
1609   apply (frule "&E"(1))
1610   apply (drule "&E"(2))
1611   apply (rule GEN; rule "≡I"; rule "→I")
1612  using "rule-ui:2[const_var]" "vdash-properties:5"
1613    apply blast
1614   apply (meson "rule=E" "id-eq:1")
1615  apply (rule "&I")
1616  using "id-eq:1" "≡E"(2) "rule-ui:3"
1617   apply blast
1618  apply (rule GEN; rule "→I")
1619  using "≡E"(1) "rule-ui:2[const_var]"
1620  by blast
1621
1622(* Note: generalized alphabetic variant of the last theorem. *)
1623AOT_theorem "term-out:4":
1624  (φ{β} & α(φ{α}  α = β))  α(φ{α}  α = β)
1625  using "term-out:3" .
1626
1627(* TODO: Provide a nicer mechanism for introducing custom binders. *)
1628AOT_define AOT_exists_unique :: ‹α  φ  φ› "uniqueness:1":
1629  «AOT_exists_unique φ» df α (φ{α} & β (φ{β}  β = α))
1630syntax (input) "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_ _" [1,40])
1631syntax (output) "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_'(_')" [1,40])
1632AOT_syntax_print_translations
1633  "_AOT_exists_unique τ φ" <= "CONST AOT_exists_unique (_abs τ φ)"
1634syntax
1635   "_AOT_exists_unique_ellipse" :: ‹id_position  id_position  φ  φ›
1636   (∃!_...∃!_ _› [1,40])
1637parse_ast_translation1638[(syntax_const‹_AOT_exists_unique_ellipse›,
1639  fn ctx => fn [a,b,c] => Ast.mk_appl (Ast.Constant "AOT_exists_unique")
1640  [parseEllipseList "_AOT_vars" ctx [a,b],c]),
1641 (syntax_const‹_AOT_exists_unique›,
1642  AOT_restricted_binder
1643    const_name‹AOT_exists_unique›
1644    const_syntax‹AOT_conj›)]
1645print_translationAOT_syntax_print_translations [
1646  AOT_preserve_binder_abs_tr'
1647    const_syntax‹AOT_exists_unique›
1648    syntax_const‹_AOT_exists_unique›
1649    (syntax_const‹_AOT_exists_unique_ellipse›, true)
1650    const_name‹AOT_conj›,
1651  AOT_binder_trans
1652    @{theory}
1653    @{binding "AOT_exists_unique_binder"}
1654    syntax_const‹_AOT_exists_unique›
1655]
1656
1657
1658context AOT_meta_syntax
1659begin
1660notation AOT_exists_unique (binder "!" 20)
1661end
1662context AOT_no_meta_syntax
1663begin
1664no_notation AOT_exists_unique (binder "!" 20)
1665end
1666
1667AOT_theorem "uniqueness:2": ∃!α φ{α}  αβ(φ{β}  β = α)
1668proof(rule "≡I"; rule "→I")
1669    AOT_assume ∃!α φ{α}
1670    AOT_hence α (φ{α} & β (φ{β}  β = α))
1671      using "uniqueness:1" "≡dfE" by blast
1672    then AOT_obtain α where φ{α} & β (φ{β}  β = α)
1673      using "instantiation"[rotated] by blast
1674    AOT_hence β(φ{β}  β = α)
1675      using "term-out:3" "≡E" by blast
1676    AOT_thus αβ(φ{β}  β = α)
1677      using "∃I" by fast
1678next
1679    AOT_assume αβ(φ{β}  β = α)
1680    then AOT_obtain α where β (φ{β}  β = α)
1681      using "instantiation"[rotated] by blast
1682    AOT_hence φ{α} & β (φ{β}  β = α)
1683      using "term-out:3" "≡E" by blast
1684    AOT_hence α (φ{α} & β (φ{β}  β = α))
1685      using "∃I" by fast
1686    AOT_thus ∃!α φ{α}
1687      using "uniqueness:1" "≡dfI" by blast
1688qed
1689
1690AOT_theorem "uni-most": ∃!α φ{α}  βγ((φ{β} & φ{γ})  β = γ)
1691proof(rule "→I"; rule GEN; rule GEN; rule "→I")
1692  fix β γ
1693  AOT_assume ∃!α φ{α}
1694  AOT_hence αβ(φ{β}  β = α)
1695    using "uniqueness:2" "≡E" by blast
1696  then AOT_obtain α where β(φ{β}  β = α)
1697    using "instantiation"[rotated] by blast
1698  moreover AOT_assume φ{β} & φ{γ}
1699  ultimately AOT_have β = α and γ = α
1700    using "∀E"(2) "&E" "≡E"(1,2) by blast+
1701  AOT_thus β = γ
1702    by (metis "rule=E" "id-eq:2" "→E")
1703qed
1704
1705AOT_theorem "nec-exist-!": α(φ{α}  φ{α})  (∃!α φ{α}  ∃!α φ{α})
1706proof (rule "→I"; rule "→I")
1707  AOT_assume a: α(φ{α}  φ{α})
1708  AOT_assume ∃!α φ{α}
1709  AOT_hence α (φ{α} & β (φ{β}  β = α))
1710    using "uniqueness:1" "≡dfE" by blast
1711  then AOT_obtain α where ξ: φ{α} & β (φ{β}  β = α)
1712    using "instantiation"[rotated] by blast
1713  AOT_have φ{α}
1714    using ξ a "&E" "∀E" "→E" by fast
1715  moreover AOT_have β (φ{β}  β = α)
1716    apply (rule GEN; rule "→I")
1717    using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "→E"]
1718          "qml:2"[axiom_inst, THEN "→E"] by blast
1719  ultimately AOT_have (φ{α} & β (φ{β}  β = α))
1720    using "&I" by blast
1721  AOT_thus ∃!α φ{α}
1722    using "uniqueness:1" "≡dfI" "∃I" by fast
1723qed
1724
1725subsection‹The Theory of Actuality and Descriptions›
1726text‹\label{PLM: 9.8}›
1727
1728AOT_theorem "act-cond": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1729  using "→I" "≡E"(1) "logic-actual-nec:2"[axiom_inst] by blast
1730
1731AOT_theorem "nec-imp-act": φ  𝒜φ
1732  by (metis "act-cond" "contraposition:1[2]" "≡E"(4)
1733            "qml:2"[THEN act_closure, axiom_inst]
1734            "qml-act:2"[axiom_inst] RAA(1) "→E" "→I")
1735
1736AOT_theorem "act-conj-act:1": 𝒜(𝒜φ  φ)
1737  using "→I" "≡E"(2) "logic-actual-nec:2"[axiom_inst]
1738        "logic-actual-nec:4"[axiom_inst] by blast
1739
1740AOT_theorem "act-conj-act:2": 𝒜(φ  𝒜φ)
1741  by (metis "→I" "≡E"(2, 4) "logic-actual-nec:2"[axiom_inst]
1742            "logic-actual-nec:4"[axiom_inst] RAA(1))
1743
1744AOT_theorem "act-conj-act:3": (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1745proof -
1746  AOT_have (φ  (ψ  (φ & ψ)))
1747    by (rule RN) (fact Adjunction)
1748  AOT_hence 𝒜(φ  (ψ  (φ & ψ)))
1749    using "nec-imp-act" "→E" by blast
1750  AOT_hence 𝒜φ  𝒜(ψ  (φ & ψ))
1751    using "act-cond" "→E" by blast
1752  moreover AOT_have 𝒜(ψ  (φ & ψ))  (𝒜ψ  𝒜(φ & ψ))
1753    by (fact "act-cond")
1754  ultimately AOT_have 𝒜φ  (𝒜ψ  𝒜(φ & ψ))
1755    using "→I" "→E" by metis
1756  AOT_thus (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1757    by (metis Importation "→E")
1758qed
1759
1760AOT_theorem "act-conj-act:4": 𝒜(𝒜φ  φ)
1761proof -
1762  AOT_have (𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ))  𝒜((𝒜φ  φ) & (φ  𝒜φ))
1763    by (fact "act-conj-act:3")
1764  moreover AOT_have 𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ)
1765    using "&I" "act-conj-act:1" "act-conj-act:2" by simp
1766  ultimately AOT_have ζ: 𝒜((𝒜φ  φ) & (φ  𝒜φ))
1767    using "→E" by blast
1768  AOT_have 𝒜(((𝒜φ  φ) & (φ  𝒜φ))  (𝒜φ  φ))
1769    using "conventions:3"[THEN "df-rules-formulas[2]",
1770                          THEN act_closure, axiom_inst] by blast
1771  AOT_hence 𝒜((𝒜φ  φ) & (φ  𝒜φ))  𝒜(𝒜φ  φ)
1772    using "act-cond" "→E" by blast
1773  AOT_thus 𝒜(𝒜φ  φ) using ζ "→E" by blast
1774qed
1775
1776(* TODO: Consider introducing AOT_inductive. *)
1777inductive arbitrary_actualization for φ where
1778  arbitrary_actualization φ «𝒜φ»
1779| arbitrary_actualization φ «𝒜ψ» if arbitrary_actualization φ ψ
1780declare arbitrary_actualization.cases[AOT]
1781        arbitrary_actualization.induct[AOT]
1782        arbitrary_actualization.simps[AOT]
1783        arbitrary_actualization.intros[AOT]
1784syntax arbitrary_actualization :: ‹φ'  φ'  AOT_prop›
1785  ("ARBITRARY'_ACTUALIZATION'(_,_')")
1786
1787notepad
1788begin
1789  AOT_modally_strict {
1790    fix φ
1791    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜(𝒜φ  φ))
1792      using AOT_PLM.arbitrary_actualization.intros by metis
1793    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜(𝒜φ  φ))
1794      using AOT_PLM.arbitrary_actualization.intros by metis
1795    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜𝒜(𝒜φ  φ))
1796      using AOT_PLM.arbitrary_actualization.intros by metis
1797  }
1798end
1799
1800
1801AOT_theorem "closure-act:1":
1802  assumes ARBITRARY_ACTUALIZATION(𝒜φ  φ, ψ)
1803  shows ψ
1804using assms proof(induct)
1805  case 1
1806  AOT_show 𝒜(𝒜φ  φ)
1807    by (simp add: "act-conj-act:4")
1808next
1809  case (2 ψ)
1810  AOT_thus 𝒜ψ
1811    by (metis arbitrary_actualization.simps "≡E"(1)
1812              "logic-actual-nec:4"[axiom_inst])
1813qed
1814
1815AOT_theorem "closure-act:2": α 𝒜(𝒜φ{α}  φ{α})
1816  by (simp add: "act-conj-act:4" "∀I")
1817
1818AOT_theorem "closure-act:3": 𝒜α 𝒜(𝒜φ{α}  φ{α})
1819  by (metis (no_types, lifting) "act-conj-act:4" "≡E"(1,2) "∀I"
1820            "logic-actual-nec:3"[axiom_inst]
1821            "logic-actual-nec:4"[axiom_inst])
1822
1823AOT_theorem "closure-act:4": 𝒜α1...∀αn 𝒜(𝒜φ{α1...αn}  φ{α1...αn})
1824  using "closure-act:3" .
1825
1826AOT_act_theorem "RA[1]":
1827  assumes  φ
1828  shows  𝒜φ
1829  ― ‹While this proof is rejected in PLM,
1830      we merely state it as modally-fragile rule,
1831      which addresses the concern in PLM.›
1832  using "¬¬E" assms "≡E"(3) "logic-actual"[act_axiom_inst]
1833        "logic-actual-nec:1"[axiom_inst] "modus-tollens:2" by blast
1834AOT_theorem "RA[2]":
1835  assumes  φ
1836  shows  𝒜φ
1837  ― ‹This rule is in fact a consequence of RN and
1838      does not require an appeal to the semantics itself.›
1839  using RN assms "nec-imp-act" "vdash-properties:5" by blast
1840AOT_theorem "RA[3]":
1841  assumes Γ  φ
1842  shows 𝒜Γ  𝒜φ
1843  text‹This appears to only be derivable from the semantics,
1844       but apparently no proof actually relies on it.
1845       If this turns out to be required, it is valid to derive it from the
1846       semantics just like RN, but we refrain from doing so, unless necessary.›
1847  (*  using assms by (meson AOT_sem_act imageI) *)
1848  oops
1849
1850AOT_act_theorem "ANeg:1": ¬𝒜φ  ¬φ
1851  by (simp add: "RA[1]" "contraposition:1[1]" "deduction-theorem"
1852                "≡I" "logic-actual"[act_axiom_inst])
1853
1854AOT_act_theorem "ANeg:2": ¬𝒜¬φ  φ
1855  using "ANeg:1" "≡I" "≡E"(5) "useful-tautologies:1"
1856        "useful-tautologies:2" by blast
1857
1858AOT_theorem "Act-Basic:1": 𝒜φ  𝒜¬φ
1859  by (meson "∨I"(1,2) "≡E"(2) "logic-actual-nec:1"[axiom_inst] "raa-cor:1")
1860
1861AOT_theorem "Act-Basic:2": 𝒜(φ & ψ)  (𝒜φ & 𝒜ψ)
1862proof (rule "≡I"; rule "→I")
1863  AOT_assume 𝒜(φ & ψ)
1864  moreover AOT_have 𝒜((φ & ψ)  φ)
1865    by (simp add: "RA[2]" "Conjunction Simplification"(1))
1866  moreover AOT_have 𝒜((φ & ψ)  ψ)
1867    by (simp add: "RA[2]" "Conjunction Simplification"(2))
1868  ultimately AOT_show 𝒜φ & 𝒜ψ
1869    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1870next
1871  AOT_assume 𝒜φ & 𝒜ψ
1872  AOT_thus 𝒜(φ & ψ)
1873    using "act-conj-act:3" "vdash-properties:6" by blast
1874qed
1875
1876AOT_theorem "Act-Basic:3": 𝒜(φ  ψ)  (𝒜(φ  ψ) & 𝒜(ψ  φ))
1877proof (rule "≡I"; rule "→I")
1878  AOT_assume 𝒜(φ  ψ)
1879  moreover AOT_have 𝒜((φ  ψ)  (φ  ψ))
1880    by (simp add: "RA[2]" "deduction-theorem" "≡E"(1))
1881  moreover AOT_have 𝒜((φ  ψ)  (ψ  φ))
1882    by (simp add: "RA[2]" "deduction-theorem" "≡E"(2))
1883  ultimately AOT_show 𝒜(φ  ψ) & 𝒜(ψ  φ)
1884    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1885next
1886  AOT_assume 𝒜(φ  ψ) & 𝒜(ψ  φ)
1887  AOT_hence 𝒜((φ  ψ) & (ψ  φ))
1888    by (metis "act-conj-act:3" "vdash-properties:10")
1889  moreover AOT_have 𝒜(((φ  ψ) & (ψ  φ))  (φ  ψ))
1890    by (simp add: "conventions:3" "RA[2]" "df-rules-formulas[2]"
1891                  "vdash-properties:1[2]")
1892  ultimately AOT_show 𝒜(φ  ψ)
1893    using "act-cond"[THEN "→E", THEN "→E"] by metis
1894qed
1895
1896AOT_theorem "Act-Basic:4": (𝒜(φ  ψ) & 𝒜(ψ  φ))  (𝒜φ  𝒜ψ)
1897proof (rule "≡I"; rule "→I")
1898  AOT_assume 0: 𝒜(φ  ψ) & 𝒜(ψ  φ)
1899  AOT_show 𝒜φ  𝒜ψ
1900    using 0 "&E" "act-cond"[THEN "→E", THEN "→E"] "≡I" "→I" by metis
1901next
1902  AOT_assume 𝒜φ  𝒜ψ
1903  AOT_thus 𝒜(φ  ψ) & 𝒜(ψ  φ)
1904    by (metis "→I" "logic-actual-nec:2"[axiom_inst] "≡E"(1,2) "&I")
1905qed
1906
1907AOT_theorem "Act-Basic:5": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1908  using "Act-Basic:3" "Act-Basic:4" "≡E"(5) by blast
1909
1910AOT_theorem "Act-Basic:6": 𝒜φ  𝒜φ
1911  by (simp add: "≡I" "qml:2"[axiom_inst] "qml-act:1"[axiom_inst])
1912
1913AOT_theorem "Act-Basic:7": 𝒜φ  𝒜φ
1914  by (metis "Act-Basic:6" "→I" "→E" "≡E"(1,2) "nec-imp-act"
1915            "qml-act:2"[axiom_inst])
1916
1917AOT_theorem "Act-Basic:8": φ  𝒜φ
1918  using "Hypothetical Syllogism" "nec-imp-act" "qml-act:1"[axiom_inst] by blast
1919
1920AOT_theorem "Act-Basic:9": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1921proof (rule "≡I"; rule "→I")
1922  AOT_assume 𝒜(φ  ψ)
1923  AOT_thus 𝒜φ  𝒜ψ
1924  proof (rule "raa-cor:3")
1925    AOT_assume ¬(𝒜φ  𝒜ψ)
1926    AOT_hence ¬𝒜φ & ¬𝒜ψ
1927      by (metis "≡E"(1) "oth-class-taut:5:d")
1928    AOT_hence 𝒜¬φ & 𝒜¬ψ
1929      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] "&E" "&I" by metis
1930    AOT_hence 𝒜(¬φ & ¬ψ)
1931      using "≡E" "Act-Basic:2" by metis
1932    moreover AOT_have 𝒜((¬φ & ¬ψ)  ¬(φ  ψ))
1933      using "RA[2]" "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:d" by blast
1934    moreover AOT_have 𝒜(¬φ & ¬ψ)  𝒜(¬(φ  ψ))
1935      using calculation(2) by (metis "Act-Basic:5" "≡E"(1))
1936    ultimately AOT_have 𝒜(¬(φ  ψ)) using "≡E" by blast
1937    AOT_thus ¬𝒜(φ  ψ)
1938      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by auto
1939  qed
1940next
1941  AOT_assume 𝒜φ  𝒜ψ
1942  AOT_thus 𝒜(φ  ψ)
1943    by (meson "RA[2]" "act-cond" "∨I"(1) "∨E"(1) "Disjunction Addition"(1,2))
1944qed
1945
1946AOT_theorem "Act-Basic:10": 𝒜α φ{α}  α 𝒜φ{α}
1947proof -
1948  AOT_have θ: ¬𝒜α ¬φ{α}  ¬α 𝒜¬φ{α}
1949    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1950       (metis "logic-actual-nec:3"[axiom_inst])
1951  AOT_have ξ: ¬α 𝒜¬φ{α}  ¬α ¬𝒜φ{α}
1952    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1953       (rule "logic-actual-nec:1"[THEN universal_closure,
1954               axiom_inst, THEN "cqt-basic:3"[THEN "→E"]])
1955  AOT_have 𝒜(α φ{α})  𝒜(¬α ¬φ{α})
1956    using "conventions:4"[THEN "df-rules-formulas[1]",
1957                          THEN act_closure, axiom_inst]
1958          "conventions:4"[THEN "df-rules-formulas[2]",
1959                          THEN act_closure, axiom_inst]
1960    "Act-Basic:4"[THEN "≡E"(1)] "&I" "Act-Basic:5"[THEN "≡E"(2)] by metis
1961  also AOT_have   ¬𝒜α ¬φ{α}
1962    by (simp add: "logic-actual-nec:1" "vdash-properties:1[2]")
1963  also AOT_have   ¬α 𝒜 ¬φ{α} using θ by blast
1964  also AOT_have   ¬α ¬𝒜 φ{α} using ξ by blast
1965  also AOT_have   α 𝒜 φ{α}
1966    using "conventions:4"[THEN "≡Df"] by (metis "≡E"(6) "oth-class-taut:3:a")
1967  finally AOT_show 𝒜α φ{α}  α 𝒜φ{α} .
1968qed
1969
1970
1971AOT_theorem "Act-Basic:11":
1972  𝒜α(φ{α}  ψ{α})  α(𝒜φ{α}  𝒜ψ{α})
1973proof(rule "≡I"; rule "→I")
1974  AOT_assume 𝒜α(φ{α}  ψ{α})
1975  AOT_hence α𝒜(φ{α}  ψ{α})
1976    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] by blast
1977  AOT_hence 𝒜(φ{α}  ψ{α}) for α using "∀E" by blast
1978  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α by (metis "Act-Basic:5" "≡E"(1))
1979  AOT_thus α(𝒜φ{α}  𝒜ψ{α}) by (rule "∀I")
1980next
1981  AOT_assume α(𝒜φ{α}  𝒜ψ{α})
1982  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α using "∀E" by blast
1983  AOT_hence 𝒜(φ{α}  ψ{α}) for α by (metis "Act-Basic:5" "≡E"(2))
1984  AOT_hence α 𝒜(φ{α}  ψ{α}) by (rule "∀I")
1985  AOT_thus 𝒜α(φ{α}  ψ{α})
1986    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
1987qed
1988
1989AOT_act_theorem "act-quant-uniq":
1990  β(𝒜φ{β}  β = α)  β(φ{β}  β = α)
1991proof(rule "≡I"; rule "→I")
1992  AOT_assume β(𝒜φ{β}  β = α)
1993  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
1994  AOT_hence φ{β}  β = α for β
1995    using "≡I" "→I" "RA[1]" "≡E"(1,2) "logic-actual"[act_axiom_inst] "→E"
1996    by metis
1997  AOT_thus β(φ{β}  β = α) by (rule "∀I")
1998next
1999  AOT_assume β(φ{β}  β = α)
2000  AOT_hence φ{β}  β = α for β using "∀E" by blast
2001  AOT_hence 𝒜φ{β}  β = α for β
2002    using "≡I" "→I" "RA[1]" "≡E"(1,2) "logic-actual"[act_axiom_inst] "→E"
2003    by metis
2004  AOT_thus β(𝒜φ{β}  β = α) by (rule "∀I")
2005qed
2006
2007AOT_act_theorem "fund-cont-desc": x = ιx(φ{x})  z(φ{z}  z = x)
2008  using descriptions[axiom_inst] "act-quant-uniq" "≡E"(5) by fast
2009
2010AOT_act_theorem hintikka: x = ιx(φ{x})  (φ{x} & z (φ{z}  z = x))
2011  using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3"
2012        "fund-cont-desc" "≡E"(5) by blast
2013
2014
2015locale russell_axiom =
2016  fixes ψ
2017  assumes ψ_denotes_asm: "[v  ψ{κ}]  [v  κ]"
2018begin
2019AOT_act_theorem "russell-axiom":
2020  ψ{ιx φ{x}}  x(φ{x} & z(φ{z}  z = x) & ψ{x})
2021proof -
2022  AOT_have b: x (x = ιx φ{x}  (φ{x} & z(φ{z}  z = x)))
2023    using hintikka "∀I" by fast
2024  show ?thesis
2025  proof(rule "≡I"; rule "→I")
2026    AOT_assume c: ψ{ιx φ{x}}
2027    AOT_hence d: ιx φ{x}
2028      using ψ_denotes_asm by blast
2029    AOT_hence y (y = ιx φ{x})
2030      by (metis "rule=I:1" "existential:1")
2031    then AOT_obtain a where a_def: a = ιx φ{x}
2032      using "instantiation"[rotated] by blast
2033    moreover AOT_have a = ιx φ{x}  (φ{a} & z(φ{z}  z = a))
2034      using b "∀E" by blast
2035    ultimately AOT_have φ{a} & z(φ{z}  z = a)
2036      using "≡E" by blast
2037    moreover AOT_have ψ{a}
2038    proof - 
2039      AOT_have 1: xy(x = y  y = x)
2040        by (simp add: "id-eq:2" "universal-cor")
2041      AOT_have a = ιx φ{x}   ιx φ{x} = a
2042        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
2043           (auto simp: 1 d "universal-cor")
2044      AOT_thus ψ{a}
2045        using a_def c "rule=E" "→E" by blast
2046    qed
2047    ultimately AOT_have φ{a} & z(φ{z}  z = a) & ψ{a} by (rule "&I")
2048    AOT_thus x(φ{x} & z(φ{z}  z = x) & ψ{x}) by (rule "∃I")
2049  next
2050    AOT_assume x(φ{x} & z(φ{z}  z = x) & ψ{x})
2051    then AOT_obtain b where g: φ{b} & z(φ{z}  z = b) & ψ{b}
2052      using "instantiation"[rotated] by blast
2053    AOT_hence h: b = ιx φ{x}  (φ{b} & z(φ{z}  z = b))
2054      using b "∀E" by blast
2055    AOT_have φ{b} & z(φ{z}  z = b) and j: ψ{b}
2056      using g "&E" by blast+
2057    AOT_hence b = ιx φ{x} using h "≡E" by blast
2058    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
2059  qed
2060qed
2061end
2062
2063interpretation "russell-axiom[exe,1]": russell_axiom λ κ . «[Π]κ»
2064  by standard (metis "cqt:5:a[1]"[axiom_inst, THEN "→E"] "&E"(2))
2065interpretation "russell-axiom[exe,2,1,1]": russell_axiom λ κ . «[Π]κκ'»
2066  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E")
2067interpretation "russell-axiom[exe,2,1,2]": russell_axiom λ κ . «[Π]κ'κ»
2068  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
2069interpretation "russell-axiom[exe,2,2]": russell_axiom λ κ . «[Π]κκ»
2070  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
2071interpretation "russell-axiom[exe,3,1,1]": russell_axiom λ κ . «[Π]κκ'κ''»
2072  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2073interpretation "russell-axiom[exe,3,1,2]": russell_axiom λ κ . «[Π]κ'κκ''»
2074  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2075interpretation "russell-axiom[exe,3,1,3]": russell_axiom λ κ . «[Π]κ'κ''κ»
2076  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2077interpretation "russell-axiom[exe,3,2,1]": russell_axiom λ κ . «[Π]κκκ'»
2078  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2079interpretation "russell-axiom[exe,3,2,2]": russell_axiom λ κ . «[Π]κκ'κ»
2080  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2081interpretation "russell-axiom[exe,3,2,3]": russell_axiom λ κ . «[Π]κ'κκ»
2082  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2083interpretation "russell-axiom[exe,3,3]": russell_axiom λ κ . «[Π]κκκ»
2084  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2085
2086interpretation "russell-axiom[enc,1]": russell_axiom λ κ . «κ[Π]»
2087  by standard (metis "cqt:5:b[1]"[axiom_inst, THEN "→E"] "&E"(2))
2088interpretation "russell-axiom[enc,2,1]": russell_axiom λ κ . «κκ'[Π]»
2089  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E")
2090interpretation "russell-axiom[enc,2,2]": russell_axiom λ κ . «κ'κ[Π]»
2091  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
2092interpretation "russell-axiom[enc,2,3]": russell_axiom λ κ . «κκ[Π]»
2093  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
2094interpretation "russell-axiom[enc,3,1,1]": russell_axiom λ κ . «κκ'κ''[Π]»
2095  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2096interpretation "russell-axiom[enc,3,1,2]": russell_axiom λ κ . «κ'κκ''[Π]»
2097  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2098interpretation "russell-axiom[enc,3,1,3]": russell_axiom λ κ . «κ'κ''κ[Π]»
2099  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2100interpretation "russell-axiom[enc,3,2,1]": russell_axiom λ κ . «κκκ'[Π]»
2101  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2102interpretation "russell-axiom[enc,3,2,2]": russell_axiom λ κ . «κκ'κ[Π]»
2103  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2104interpretation "russell-axiom[enc,3,2,3]": russell_axiom λ κ . «κ'κκ[Π]»
2105  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2106interpretation "russell-axiom[enc,3,3]": russell_axiom λ κ . «κκκ[Π]»
2107  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2108
2109AOT_act_theorem "!-exists:1": ιx φ{x}  ∃!x φ{x}
2110proof(rule "≡I"; rule "→I")
2111  AOT_assume ιx φ{x}
2112  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
2113  then AOT_obtain a where a = ιx φ{x}
2114    using "instantiation"[rotated] by blast
2115  AOT_hence φ{a} & z (φ{z}  z = a)
2116    using hintikka "≡E" by blast
2117  AOT_hence x (φ{x} & z (φ{z}  z = x))
2118    by (rule "∃I")
2119  AOT_thus ∃!x φ{x}
2120    using "uniqueness:1"[THEN "≡dfI"] by blast
2121next
2122  AOT_assume ∃!x φ{x}
2123  AOT_hence x (φ{x} & z (φ{z}  z = x))
2124    using "uniqueness:1"[THEN "≡dfE"] by blast
2125  then AOT_obtain b where φ{b} & z (φ{z}  z = b)
2126    using "instantiation"[rotated] by blast
2127  AOT_hence b = ιx φ{x}
2128    using hintikka "≡E" by blast
2129  AOT_thus ιx φ{x}
2130    by (metis "t=t-proper:2" "vdash-properties:6")
2131qed
2132
2133AOT_act_theorem "!-exists:2": y(y=ιx φ{x})  ∃!x φ{x}
2134  using "!-exists:1" "free-thms:1" "≡E"(6) by blast
2135
2136AOT_act_theorem "y-in:1": x = ιx φ{x}  φ{x}
2137  using "&E"(1) "→I" hintikka "≡E"(1) by blast
2138
2139(* Note: generalized alphabetic variant of the last theorem *)
2140AOT_act_theorem "y-in:2": z = ιx φ{x}  φ{z} using "y-in:1".
2141
2142AOT_act_theorem "y-in:3": ιx φ{x}  φ{ιx φ{x}}
2143proof(rule "→I")
2144  AOT_assume ιx φ{x}
2145  AOT_hence y (y = ιx φ{x})
2146    by (metis "rule=I:1" "existential:1")
2147  then AOT_obtain a where a = ιx φ{x}
2148    using "instantiation"[rotated] by blast
2149  moreover AOT_have φ{a}
2150    using calculation hintikka "≡E"(1) "&E" by blast
2151  ultimately AOT_show φ{ιx φ{x}} using "rule=E" by blast
2152qed
2153
2154AOT_act_theorem "y-in:4": y (y = ιx φ{x})  φ{ιx φ{x}}
2155  using "y-in:3"[THEN "→E"] "free-thms:1"[THEN "≡E"(2)] "→I" by blast
2156
2157
2158AOT_theorem "act-quant-nec":
2159  β (𝒜φ{β}  β = α)  β(𝒜𝒜φ{β}  β = α)
2160proof(rule "≡I"; rule "→I")
2161  AOT_assume β (𝒜φ{β}  β = α)
2162  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
2163  AOT_hence 𝒜𝒜φ{β}  β = α for β 
2164    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
2165  AOT_thus β(𝒜𝒜φ{β}  β = α)
2166    by (rule "∀I")
2167next
2168  AOT_assume β(𝒜𝒜φ{β}  β = α)
2169  AOT_hence 𝒜𝒜φ{β}  β = α for β using "∀E" by blast
2170  AOT_hence 𝒜φ{β}  β = α for β
2171    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
2172  AOT_thus β (𝒜φ{β}  β = α)
2173    by (rule "∀I")
2174qed
2175
2176AOT_theorem "equi-desc-descA:1": x = ιx φ{x}  x = ιx(𝒜φ{x})
2177proof -
2178  AOT_have x = ιx φ{x}  z (𝒜φ{z}  z = x)
2179    using descriptions[axiom_inst] by blast
2180  also AOT_have ...  z (𝒜𝒜φ{z}  z = x)
2181  proof(rule "≡I"; rule "→I"; rule "∀I")
2182    AOT_assume z (𝒜φ{z}  z = x)
2183    AOT_hence 𝒜φ{a}  a = x for a
2184      using "∀E" by blast
2185    AOT_thus 𝒜𝒜φ{a}  a = x for a
2186      by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
2187  next
2188    AOT_assume z (𝒜𝒜φ{z}  z = x)
2189    AOT_hence 𝒜𝒜φ{a}  a = x for a
2190      using "∀E" by blast
2191    AOT_thus 𝒜φ{a}  a = x for a
2192      by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
2193  qed
2194  also AOT_have ...  x = ιx(𝒜φ{x})
2195    using "Commutativity of ≡"[THEN "≡E"(1)] descriptions[axiom_inst] by fast
2196  finally show ?thesis .
2197qed
2198
2199AOT_theorem "equi-desc-descA:2": ιx φ{x}  ιx φ{x} = ιx(𝒜φ{x})
2200proof(rule "→I")
2201  AOT_assume ιx φ{x}
2202  AOT_hence y (y = ιx φ{x})
2203    by (metis "rule=I:1" "existential:1")
2204  then AOT_obtain a where a = ιx φ{x}
2205    using "instantiation"[rotated] by blast
2206  moreover AOT_have a = ιx(𝒜φ{x})
2207    using calculation "equi-desc-descA:1"[THEN "≡E"(1)] by blast
2208  ultimately AOT_show ιx φ{x} = ιx(𝒜φ{x})
2209    using "rule=E" by fast
2210qed
2211
2212AOT_theorem "nec-hintikka-scheme":
2213  x = ιx φ{x}  𝒜φ{x} & z(𝒜φ{z}  z = x)
2214proof -
2215  AOT_have x = ιx φ{x}  z(𝒜φ{z}  z = x)
2216    using descriptions[axiom_inst] by blast
2217  also AOT_have   (𝒜φ{x} & z(𝒜φ{z}  z = x))
2218    using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" by fast
2219  finally show ?thesis.
2220qed
2221
2222AOT_theorem "equiv-desc-eq:1":
2223  𝒜x(φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
2224proof(rule "→I"; rule "∀I")
2225  fix β
2226  AOT_assume 𝒜x(φ{x}  ψ{x})
2227  AOT_hence 𝒜(φ{x}  ψ{x}) for x
2228    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] "∀E"(2) by blast
2229  AOT_hence 0: 𝒜φ{x}  𝒜ψ{x} for x
2230    by (metis "Act-Basic:5" "≡E"(1))
2231  AOT_have β = ιx φ{x}  𝒜φ{β} & z(𝒜φ{z}  z = β)
2232    using "nec-hintikka-scheme" by blast
2233  also AOT_have ...  𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2234  proof (rule "≡I"; rule "→I")
2235    AOT_assume 1: 𝒜φ{β} & z(𝒜φ{z}  z = β)
2236    AOT_hence 𝒜φ{z}  z = β for z
2237      using "&E" "∀E" by blast
2238    AOT_hence 𝒜ψ{z}  z = β for z
2239      using 0 "≡E" "→I" "→E" by metis
2240    AOT_hence z(𝒜ψ{z}  z = β)
2241      using "∀I" by fast
2242    moreover AOT_have 𝒜ψ{β}
2243      using "&E" 0[THEN "≡E"(1)] 1 by blast
2244    ultimately AOT_show 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2245      using "&I" by blast
2246  next
2247    AOT_assume 1: 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2248    AOT_hence 𝒜ψ{z}  z = β for z
2249      using "&E" "∀E" by blast
2250    AOT_hence 𝒜φ{z}  z = β for z
2251      using 0 "≡E" "→I" "→E" by metis
2252    AOT_hence z(𝒜φ{z}  z = β)
2253      using "∀I" by fast
2254    moreover AOT_have 𝒜φ{β}
2255      using "&E" 0[THEN "≡E"(2)] 1 by blast
2256    ultimately AOT_show 𝒜φ{β} & z(𝒜φ{z}  z = β)
2257      using "&I" by blast
2258  qed
2259  also AOT_have ...  β = ιx ψ{x}
2260    using "Commutativity of ≡"[THEN "≡E"(1)] "nec-hintikka-scheme" by blast
2261  finally AOT_show β = ιx φ{x}  β = ιx ψ{x} .
2262qed
2263
2264AOT_theorem "equiv-desc-eq:2":
2265  ιx φ{x} & 𝒜x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2266proof(rule "→I")
2267  AOT_assume ιx φ{x} & 𝒜x(φ{x}  ψ{x})
2268  AOT_hence 0: y (y = ιx φ{x}) and
2269            1: x (x = ιx φ{x}  x = ιx ψ{x})
2270    using "&E" "free-thms:1"[THEN "≡E"(1)] "equiv-desc-eq:1" "→E" by blast+
2271  then AOT_obtain a where a = ιx φ{x}
2272    using "instantiation"[rotated] by blast
2273  moreover AOT_have a = ιx ψ{x}
2274    using calculation 1 "∀E" "≡E"(1) by fast
2275  ultimately AOT_show ιx φ{x} = ιx ψ{x}
2276    using "rule=E" by fast
2277qed
2278
2279AOT_theorem "equiv-desc-eq:3":
2280  ιx φ{x} & x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2281  using "→I" "equiv-desc-eq:2"[THEN "→E", OF "&I"] "&E"
2282        "nec-imp-act"[THEN "→E"] by metis
2283
2284(* Note: this is a special case of "exist-nec" *)
2285AOT_theorem "equiv-desc-eq:4": ιx φ{x}  ιx φ{x}
2286proof(rule "→I")
2287  AOT_assume ιx φ{x}
2288  AOT_hence y (y = ιx φ{x})
2289    by (metis "rule=I:1" "existential:1")
2290  then AOT_obtain a where a = ιx φ{x}
2291    using "instantiation"[rotated] by blast
2292  AOT_thus ιx φ{x}
2293    using "ex:2:a" "rule=E" by fast
2294qed
2295
2296AOT_theorem "equiv-desc-eq:5": ιx φ{x}  y (y = ιx φ{x})
2297proof(rule "→I")
2298  AOT_assume ιx φ{x}
2299  AOT_hence y (y = ιx φ{x})
2300    by (metis "rule=I:1" "existential:1")
2301  then AOT_obtain a where a = ιx φ{x}
2302    using "instantiation"[rotated] by blast
2303  AOT_hence (a = ιx φ{x})
2304    by (metis "id-nec:2" "vdash-properties:10")
2305  AOT_thus y (y = ιx φ{x})
2306    by (rule "∃I")
2307qed
2308
2309AOT_act_theorem "equiv-desc-eq2:1":
2310  x (φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
2311  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"]
2312        "equiv-desc-eq:1"[THEN "→E"]
2313        "RA[1]" "deduction-theorem" by blast
2314
2315AOT_act_theorem "equiv-desc-eq2:2":
2316  ιx φ{x} & x (φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2317  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"]
2318        "equiv-desc-eq:2"[THEN "→E", OF "&I"]
2319        "RA[1]" "deduction-theorem" "&E" by metis
2320
2321context russell_axiom
2322begin
2323AOT_theorem "nec-russell-axiom":
2324  ψ{ιx φ{x}}  x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2325proof -
2326  AOT_have b: x (x = ιx φ{x}  (𝒜φ{x} & z(𝒜φ{z}  z = x)))
2327    using "nec-hintikka-scheme" "∀I" by fast
2328  show ?thesis
2329  proof(rule "≡I"; rule "→I")
2330    AOT_assume c: ψ{ιx φ{x}}
2331    AOT_hence d: ιx φ{x}
2332      using ψ_denotes_asm by blast
2333    AOT_hence y (y = ιx φ{x})
2334      by (metis "rule=I:1" "existential:1")
2335    then AOT_obtain a where a_def: a = ιx φ{x}
2336      using "instantiation"[rotated] by blast
2337    moreover AOT_have a = ιx φ{x}  (𝒜φ{a} & z(𝒜φ{z}  z = a))
2338      using b "∀E" by blast
2339    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a)
2340      using "≡E" by blast
2341    moreover AOT_have ψ{a}
2342    proof - 
2343      AOT_have 1: xy(x = y  y = x)
2344        by (simp add: "id-eq:2" "universal-cor")
2345      AOT_have a = ιx φ{x}   ιx φ{x} = a
2346        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
2347           (auto simp: d "universal-cor" 1)
2348      AOT_thus ψ{a}
2349        using a_def c "rule=E" "→E" by metis
2350    qed
2351    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) & ψ{a}
2352      by (rule "&I")
2353    AOT_thus x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2354      by (rule "∃I")
2355  next
2356    AOT_assume x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2357    then AOT_obtain b where g: 𝒜φ{b} & z(𝒜φ{z}  z = b) & ψ{b}
2358      using "instantiation"[rotated] by blast
2359    AOT_hence h: b = ιx φ{x}  (𝒜φ{b} & z(𝒜φ{z}  z = b))
2360      using b "∀E" by blast
2361    AOT_have 𝒜φ{b} & z(𝒜φ{z}  z = b) and j: ψ{b}
2362      using g "&E" by blast+
2363    AOT_hence b = ιx φ{x}
2364      using h "≡E" by blast
2365    AOT_thus ψ{ιx φ{x}}
2366      using j "rule=E" by blast
2367  qed
2368qed
2369end
2370
2371AOT_theorem "actual-desc:1": ιx φ{x}  ∃!x 𝒜φ{x}
2372proof (rule "≡I"; rule "→I")
2373  AOT_assume ιx φ{x}
2374  AOT_hence y (y = ιx φ{x})
2375    by (metis "rule=I:1" "existential:1")
2376  then AOT_obtain a where a = ιx φ{x}
2377    using "instantiation"[rotated] by blast
2378  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
2379    using descriptions[axiom_inst] by blast
2380  ultimately AOT_have z(𝒜φ{z}  z = a)
2381    using "≡E" by blast
2382  AOT_hence xz(𝒜φ{z}  z = x) by (rule "∃I")
2383  AOT_thus ∃!x 𝒜φ{x}
2384    using "uniqueness:2"[THEN "≡E"(2)] by fast
2385next
2386  AOT_assume ∃!x 𝒜φ{x}
2387  AOT_hence xz(𝒜φ{z}  z = x)
2388    using "uniqueness:2"[THEN "≡E"(1)] by fast
2389  then AOT_obtain a where z(𝒜φ{z}  z = a)
2390    using "instantiation"[rotated] by blast
2391  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
2392    using descriptions[axiom_inst] by blast
2393  ultimately AOT_have a = ιx φ{x}
2394    using "≡E" by blast
2395  AOT_thus ιx φ{x}
2396    by (metis "t=t-proper:2" "vdash-properties:6")
2397qed
2398
2399AOT_theorem "actual-desc:2": x = ιx φ{x}  𝒜φ{x}
2400  using "&E"(1) "contraposition:1[2]" "≡E"(1) "nec-hintikka-scheme"
2401        "reductio-aa:2" "vdash-properties:9" by blast
2402
2403(* Note: generalized alphabetic variant of the last theorem *)
2404AOT_theorem "actual-desc:3": z = ιx φ{x}  𝒜φ{z}
2405  using "actual-desc:2".
2406
2407AOT_theorem "actual-desc:4": ιx φ{x}  𝒜φ{ιx φ{x}}
2408proof(rule "→I")
2409  AOT_assume ιx φ{x}
2410  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
2411  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
2412  AOT_thus 𝒜φ{ιx φ{x}}
2413    using "actual-desc:2" "rule=E" "→E" by fast
2414qed
2415
2416AOT_theorem "actual-desc:5": ιx φ{x} = ιx ψ{x}  𝒜x(φ{x}  ψ{x})
2417proof(rule "→I")
2418  AOT_assume 0: ιx φ{x} = ιx ψ{x}
2419  AOT_hence φ_down: ιx φ{x} and ψ_down: ιx ψ{x}
2420    using "t=t-proper:1" "t=t-proper:2" "vdash-properties:6" by blast+
2421  AOT_hence y (y = ιx φ{x}) and y (y = ιx ψ{x})
2422    by (metis "rule=I:1" "existential:1")+
2423  then AOT_obtain a and b where a_eq: a = ιx φ{x} and b_eq: b = ιx ψ{x}
2424    using "instantiation"[rotated] by metis
2425
2426  AOT_have αβ (α = β  β = α)
2427    by (rule "∀I"; rule "∀I"; rule "id-eq:2")
2428  AOT_hence β (ιx φ{x} = β  β = ιx φ{x})
2429    using "∀E" φ_down by blast
2430  AOT_hence ιx φ{x} = ιx ψ{x}  ιx ψ{x} = ιx φ{x}
2431    using "∀E" ψ_down by blast
2432  AOT_hence 1: ιx ψ{x} = ιx φ{x} using 0
2433    "→E" by blast
2434
2435  AOT_have 𝒜φ{x}  𝒜ψ{x} for x
2436  proof(rule "≡I"; rule "→I")
2437    AOT_assume 𝒜φ{x}
2438    moreover AOT_have 𝒜φ{x}  x = a for x
2439      using "nec-hintikka-scheme"[THEN "≡E"(1), OF a_eq, THEN "&E"(2)]
2440            "∀E" by blast
2441    ultimately AOT_have x = a
2442      using "→E" by blast
2443    AOT_hence x = ιx φ{x}
2444      using a_eq "rule=E" by blast
2445    AOT_hence x = ιx ψ{x}
2446      using 0 "rule=E" by blast
2447    AOT_thus 𝒜ψ{x}
2448      by (metis "actual-desc:3" "vdash-properties:6")
2449  next
2450    AOT_assume 𝒜ψ{x}
2451    moreover AOT_have 𝒜ψ{x}  x = b for x
2452      using "nec-hintikka-scheme"[THEN "≡E"(1), OF b_eq, THEN "&E"(2)]
2453            "∀E" by blast
2454    ultimately AOT_have x = b
2455      using "→E" by blast
2456    AOT_hence x = ιx ψ{x}
2457      using b_eq "rule=E" by blast
2458    AOT_hence x = ιx φ{x}
2459      using 1 "rule=E" by blast
2460    AOT_thus 𝒜φ{x}
2461      by (metis "actual-desc:3" "vdash-properties:6")
2462  qed
2463  AOT_hence 𝒜(φ{x}  ψ{x}) for x
2464    by (metis "Act-Basic:5" "≡E"(2))
2465  AOT_hence x 𝒜(φ{x}  ψ{x})
2466    by (rule "∀I")
2467  AOT_thus 𝒜x (φ{x}  ψ{x})
2468    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
2469qed    
2470
2471AOT_theorem "!box-desc:1": ∃!x φ{x}  y (y = ιx φ{x}  φ{y})
2472proof(rule "→I")
2473  AOT_assume ∃!x φ{x}
2474  AOT_hence ζ: x (φ{x} & z (φ{z}  z = x))
2475    using "uniqueness:1"[THEN "≡dfE"] by blast
2476  then AOT_obtain b where θ: φ{b} & z (φ{z}  z = b)
2477    using "instantiation"[rotated] by blast
2478  AOT_show y (y = ιx φ{x}  φ{y})
2479  proof(rule GEN; rule "→I")
2480    fix y
2481    AOT_assume y = ιx φ{x}
2482    AOT_hence 𝒜φ{y} & z (𝒜φ{z}  z = y)
2483      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
2484    AOT_hence 𝒜φ{b}  b = y
2485      using "&E" "∀E" by blast
2486    moreover AOT_have 𝒜φ{b}
2487      using θ[THEN "&E"(1)]  by (metis "nec-imp-act" "→E")
2488    ultimately AOT_have b = y
2489      using "→E" by blast
2490    moreover AOT_have φ{b}
2491      using θ[THEN "&E"(1)]  by (metis "qml:2"[axiom_inst] "→E") 
2492    ultimately AOT_show φ{y}
2493      using "rule=E" by blast
2494  qed
2495qed
2496
2497AOT_theorem "!box-desc:2":
2498  x (φ{x}  φ{x})  (∃!x φ{x}  y (y = ιx φ{x}  φ{y}))
2499proof(rule "→I"; rule "→I")
2500  AOT_assume x (φ{x}  φ{x})
2501  moreover AOT_assume ∃!x φ{x}
2502  ultimately AOT_have ∃!x φ{x}
2503    using "nec-exist-!"[THEN "→E", THEN "→E"] by blast
2504  AOT_thus y (y = ιx φ{x}  φ{y})
2505    using "!box-desc:1" "→E" by blast
2506qed
2507
2508(* Note: vacuous in the embedding. *)
2509AOT_theorem "dr-alphabetic-thm": ιν φ{ν}  ιν φ{ν} = ιμ φ{μ}
2510  by (simp add: "rule=I:1" "→I")
2511
2512subsection‹The Theory of Necessity›
2513text‹\label{PLM: 9.9}›
2514
2515AOT_theorem "RM:1[prem]":
2516  assumes Γ  φ  ψ
2517  shows Γ  φ  ψ
2518proof -
2519  AOT_have Γ  (φ  ψ)
2520    using "RN[prem]" assms by blast
2521  AOT_thus Γ  φ  ψ
2522    by (metis "qml:1"[axiom_inst] "→E")
2523qed
2524
2525AOT_theorem "RM:1":
2526  assumes  φ  ψ
2527  shows  φ  ψ
2528  using "RM:1[prem]" assms by blast
2529
2530lemmas RM = "RM:1"
2531
2532AOT_theorem "RM:2[prem]":
2533  assumes Γ  φ  ψ
2534  shows Γ  φ  ψ
2535proof -
2536  AOT_have Γ  ¬ψ  ¬φ
2537    using assms 
2538    by (simp add: "contraposition:1[1]")
2539  AOT_hence Γ  ¬ψ  ¬φ
2540    using "RM:1[prem]" by blast
2541  AOT_thus Γ  φ  ψ
2542    by (meson "≡dfE" "≡dfI" "conventions:5" "→I" "modus-tollens:1")
2543qed
2544
2545AOT_theorem "RM:2":
2546  assumes  φ  ψ
2547  shows  φ  ψ
2548  using "RM:2[prem]" assms by blast
2549
2550lemmas "RM◇" = "RM:2"
2551
2552AOT_theorem "RM:3[prem]":
2553  assumes Γ  φ  ψ
2554  shows Γ  φ  ψ
2555proof -
2556  AOT_have Γ  φ  ψ and Γ  ψ  φ
2557    using assms "≡E" "→I" by metis+
2558  AOT_hence Γ  φ  ψ and Γ  ψ  φ
2559    using "RM:1[prem]" by metis+
2560  AOT_thus Γ  φ  ψ
2561    by (simp add: "≡I")
2562qed
2563
2564AOT_theorem "RM:3":
2565  assumes  φ  ψ
2566  shows  φ  ψ
2567  using "RM:3[prem]" assms by blast
2568
2569lemmas RE = "RM:3"
2570
2571AOT_theorem "RM:4[prem]":
2572  assumes Γ  φ  ψ
2573  shows Γ  φ  ψ
2574proof -
2575  AOT_have Γ  φ  ψ and Γ  ψ  φ
2576    using assms "≡E" "→I" by metis+
2577  AOT_hence Γ  φ  ψ and Γ  ψ  φ
2578    using "RM:2[prem]" by metis+
2579  AOT_thus Γ  φ  ψ
2580    by (simp add: "≡I")
2581qed
2582
2583AOT_theorem "RM:4":
2584  assumes  φ  ψ
2585  shows  φ  ψ
2586  using "RM:4[prem]" assms by blast
2587
2588lemmas "RE◇" = "RM:4"
2589
2590AOT_theorem "KBasic:1": φ  (ψ  φ)
2591  by (simp add: RM "pl:1"[axiom_inst])
2592
2593AOT_theorem "KBasic:2": ¬φ  (φ  ψ)
2594  by (simp add: RM "useful-tautologies:3")
2595
2596AOT_theorem "KBasic:3": (φ & ψ)  (φ & ψ)
2597proof (rule "≡I"; rule "→I")
2598  AOT_assume (φ & ψ)
2599  AOT_thus φ & ψ
2600    by (meson RM "&I" "Conjunction Simplification"(1, 2) "→E")
2601next
2602  AOT_have φ  (ψ  (φ & ψ))
2603    by (simp add: "RM:1" Adjunction)
2604  AOT_hence φ  (ψ  (φ & ψ))
2605    by (metis "Hypothetical Syllogism" "qml:1"[axiom_inst])
2606  moreover AOT_assume φ & ψ
2607  ultimately AOT_show (φ & ψ)
2608    using "→E" "&E" by blast
2609qed
2610
2611AOT_theorem "KBasic:4": (φ  ψ)  ((φ  ψ) & (ψ  φ))
2612proof -
2613  AOT_have θ: ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2614    by (fact "KBasic:3")
2615  AOT_modally_strict {
2616    AOT_have (φ  ψ)  ((φ  ψ) & (ψ  φ))
2617      by (fact "conventions:3"[THEN "≡Df"])
2618  }
2619  AOT_hence ξ: (φ  ψ)  ((φ  ψ) & (ψ  φ))
2620    by (rule RE)
2621  with ξ and θ AOT_show (φ  ψ)  ((φ  ψ) & (ψ  φ))
2622    using "≡E"(5) by blast
2623qed
2624
2625AOT_theorem "KBasic:5": ((φ  ψ) & (ψ  φ))  (φ  ψ)
2626proof -
2627  AOT_have (φ  ψ)  (φ  ψ)
2628    by (fact "qml:1"[axiom_inst])
2629  moreover AOT_have (ψ  φ)  (ψ  φ)
2630    by (fact "qml:1"[axiom_inst])
2631  ultimately AOT_have ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2632    by (metis "&I" MP "Double Composition")
2633  moreover AOT_have ((φ  ψ) & (ψ  φ))  (φ  ψ)
2634    using "conventions:3"[THEN "≡dfI"] "→I" by blast
2635  ultimately AOT_show ((φ  ψ) & (ψ  φ))  (φ  ψ)
2636    by (metis "Hypothetical Syllogism")
2637qed
2638
2639AOT_theorem "KBasic:6": (φ  ψ)  (φ  ψ)
2640  using "KBasic:4" "KBasic:5" "deduction-theorem" "≡E"(1) "→E" by blast
2641AOT_theorem "KBasic:7": ((φ & ψ)  (¬φ & ¬ψ))  (φ  ψ)
2642proof (rule "→I"; drule "∨E"(1); (rule "→I")?)
2643  AOT_assume φ & ψ
2644  AOT_hence φ and ψ using "&E" by blast+
2645  AOT_hence (φ  ψ) and (ψ  φ) using "KBasic:1" "→E" by blast+
2646  AOT_hence (φ  ψ) & (ψ  φ) using "&I" by blast
2647  AOT_thus (φ  ψ)  by (metis "KBasic:4" "≡E"(2))
2648next
2649  AOT_assume ¬φ & ¬ψ
2650  AOT_hence 0: (¬φ & ¬ψ) using "KBasic:3"[THEN "≡E"(2)] by blast
2651  AOT_modally_strict {
2652    AOT_have (¬φ & ¬ψ)  (φ  ψ)
2653      by (metis "&E"(1) "&E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
2654  }
2655  AOT_hence (¬φ & ¬ψ)  (φ  ψ)
2656    by (rule RM)
2657  AOT_thus (φ  ψ) using 0 "→E" by blast
2658qed(auto)
2659
2660AOT_theorem "KBasic:8": (φ & ψ)  (φ  ψ)
2661  by (meson "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I")
2662AOT_theorem "KBasic:9": (¬φ & ¬ψ)  (φ  ψ)
2663  by (metis "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I" "raa-cor:4")
2664AOT_theorem "KBasic:10": φ  ¬¬φ
2665  by (simp add: "RM:3" "oth-class-taut:3:b")
2666AOT_theorem "KBasic:11": ¬φ  ¬φ
2667proof (rule "≡I"; rule "→I")
2668  AOT_show ¬φ if ¬φ
2669    using that "≡dfI" "conventions:5" "KBasic:10" "≡E"(3) by blast
2670next
2671  AOT_show ¬φ if ¬φ
2672    using "≡dfE" "conventions:5" "KBasic:10" "≡E"(4) that by blast
2673qed
2674AOT_theorem "KBasic:12": φ  ¬¬φ
2675proof (rule "≡I"; rule "→I")
2676  AOT_show ¬¬φ if φ
2677    using "¬¬I" "KBasic:11" "≡E"(3) that by blast
2678next
2679  AOT_show φ if ¬¬φ
2680  using "KBasic:11" "≡E"(1) "reductio-aa:1" that by blast
2681qed
2682AOT_theorem "KBasic:13": (φ  ψ)  (φ  ψ)
2683proof -
2684  AOT_have φ  ψ  φ  ψ by blast
2685  AOT_hence (φ  ψ)  φ  ψ
2686    using "RM:2[prem]" by blast
2687  AOT_thus (φ  ψ)  (φ  ψ) using "→I" by blast
2688qed
2689lemmas "K◇" = "KBasic:13"
2690AOT_theorem "KBasic:14": φ  ¬¬φ
2691  by (meson "RE◇" "KBasic:11" "KBasic:12" "≡E"(6) "oth-class-taut:3:a")
2692AOT_theorem "KBasic:15": (φ  ψ)  (φ  ψ)
2693proof -
2694  AOT_modally_strict {
2695    AOT_have φ  (φ  ψ) and ψ  (φ  ψ)
2696      by (auto simp: "Disjunction Addition"(1) "Disjunction Addition"(2))
2697  }
2698  AOT_hence φ  (φ  ψ) and ψ  (φ  ψ)
2699    using RM by blast+
2700  AOT_thus (φ  ψ)  (φ  ψ)
2701    by (metis "∨E"(1) "deduction-theorem")
2702qed
2703
2704AOT_theorem "KBasic:16": (φ & ψ)  (φ & ψ)
2705  by (meson "KBasic:13" "RM:1" Adjunction "Hypothetical Syllogism"
2706            Importation "→E")
2707
2708AOT_theorem "rule-sub-lem:1:a":
2709  assumes  (ψ  χ)
2710  shows  ¬ψ  ¬χ
2711  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2712        "≡E"(1) "oth-class-taut:4:b" by blast
2713
2714AOT_theorem "rule-sub-lem:1:b":
2715  assumes  (ψ  χ)
2716  shows  (ψ  Θ)  (χ  Θ)
2717  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2718  using "oth-class-taut:4:c" "vdash-properties:6" by blast
2719
2720AOT_theorem "rule-sub-lem:1:c":
2721  assumes  (ψ  χ)
2722  shows  (Θ  ψ)  (Θ  χ)
2723  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2724  using "oth-class-taut:4:d" "vdash-properties:6" by blast
2725
2726AOT_theorem "rule-sub-lem:1:d":
2727  assumes for arbitrary α:  (ψ{α}  χ{α})
2728  shows  α ψ{α}  α χ{α}
2729proof -
2730  AOT_modally_strict {
2731    AOT_have α (ψ{α}  χ{α})
2732      using "qml:2"[axiom_inst, THEN "→E", OF assms] "∀I" by fast
2733    AOT_hence 0: ψ{α}  χ{α} for α using "∀E" by blast
2734    AOT_show α ψ{α}  α χ{α}
2735    proof (rule "≡I"; rule "→I")
2736      AOT_assume α ψ{α}
2737      AOT_hence ψ{α} for α using "∀E" by blast
2738      AOT_hence χ{α} for α using 0 "≡E" by blast
2739      AOT_thus α χ{α} by (rule "∀I")
2740    next
2741      AOT_assume α χ{α}
2742      AOT_hence χ{α} for α using "∀E" by blast
2743      AOT_hence ψ{α} for α using 0 "≡E" by blast
2744      AOT_thus α ψ{α} by (rule "∀I")
2745    qed
2746  }
2747qed
2748
2749AOT_theorem "rule-sub-lem:1:e":
2750  assumes  (ψ  χ)
2751  shows   ψ]   χ]
2752  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2753  using "≡E"(1) "propositions-lemma:6" by blast
2754
2755AOT_theorem "rule-sub-lem:1:f":
2756  assumes  (ψ  χ)
2757  shows  𝒜ψ  𝒜χ
2758  using "qml:2"[axiom_inst, THEN "→E", OF assms, THEN "RA[2]"]
2759  by (metis "Act-Basic:5" "≡E"(1))
2760
2761AOT_theorem "rule-sub-lem:1:g":
2762  assumes  (ψ  χ)
2763  shows  ψ  χ
2764  using "KBasic:6" assms "vdash-properties:6" by blast
2765
2766text‹Note that instead of deriving @{text "rule-sub-lem:2"},
2767     @{text "rule-sub-lem:3"}, @{text "rule-sub-lem:4"},
2768     and @{text "rule-sub-nec"}, we construct substitution methods instead.›
2769
2770class AOT_subst =
2771  fixes AOT_subst :: "('a  𝗈)  bool"
2772    and AOT_subst_cond :: "'a  'a  bool"
2773  assumes AOT_subst:
2774    "AOT_subst φ  AOT_subst_cond ψ χ  [v  «φ ψ»  «φ χ»]"
2775
2776named_theorems AOT_substI
2777
2778instantiation 𝗈 :: AOT_subst
2779begin
2780
2781inductive AOT_subst_𝗈 where
2782  AOT_subst_𝗈_id[AOT_substI]:
2783    AOT_subst_𝗈 (λφ. φ)
2784  | AOT_subst_𝗈_const[AOT_substI]:
2785    AOT_subst_𝗈 (λφ. ψ)
2786  | AOT_subst_𝗈_not[AOT_substI]:
2787    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «¬Θ{φ}»)
2788  | AOT_subst_𝗈_imp[AOT_substI]:
2789    AOT_subst_𝗈 Θ  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 (λ φ. «Θ{φ}  Ξ{φ}»)
2790  | AOT_subst_𝗈_lambda0[AOT_substI]:
2791    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. (AOT_lambda0 (Θ φ)))
2792  | AOT_subst_𝗈_act[AOT_substI]:
2793    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «𝒜Θ{φ}»)
2794  | AOT_subst_𝗈_box[AOT_substI]:
2795    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «Θ{φ}»)
2796  | AOT_subst_𝗈_by_def[AOT_substI]:
2797    ( ψ . AOT_model_equiv_def (Θ ψ) (Ξ ψ)) 
2798      AOT_subst_𝗈 Ξ  AOT_subst_𝗈 Θ
2799
2800
2801definition AOT_subst_cond_𝗈 where
2802  AOT_subst_cond_𝗈  λ ψ χ .  v . [v  ψ  χ]
2803
2804instance
2805proof
2806  fix ψ χ :: 𝗈 and φ :: ‹𝗈  𝗈›
2807  assume cond: ‹AOT_subst_cond ψ χ
2808  assume ‹AOT_subst φ
2809  moreover AOT_have  ψ  χ
2810    using cond unfolding AOT_subst_cond_𝗈_def by blast
2811  ultimately AOT_show  φ{ψ}  φ{χ}
2812  proof (induct arbitrary: ψ χ)
2813    case AOT_subst_𝗈_id
2814    thus ?case
2815      using "≡E"(2) "oth-class-taut:4:b" "rule-sub-lem:1:a" by blast
2816  next
2817    case (AOT_subst_𝗈_const ψ)
2818    thus ?case
2819      by (simp add: "oth-class-taut:3:a")
2820  next
2821    case (AOT_subst_𝗈_not Θ)
2822    thus ?case
2823      by (simp add: RN "rule-sub-lem:1:a")
2824  next
2825    case (AOT_subst_𝗈_imp Θ Ξ)
2826    thus ?case
2827      by (meson RN "≡E"(5) "rule-sub-lem:1:b" "rule-sub-lem:1:c")
2828  next
2829    case (AOT_subst_𝗈_lambda0 Θ)
2830    thus ?case
2831      by (simp add: RN "rule-sub-lem:1:e")
2832  next
2833    case (AOT_subst_𝗈_act Θ)
2834    thus ?case
2835      by (simp add: RN "rule-sub-lem:1:f")
2836  next
2837    case (AOT_subst_𝗈_box Θ)
2838    thus ?case
2839      by (simp add: RN "rule-sub-lem:1:g")
2840  next
2841    case (AOT_subst_𝗈_by_def Θ Ξ)
2842    AOT_modally_strict {
2843      AOT_have Ξ{ψ}  Ξ{χ}
2844        using AOT_subst_𝗈_by_def by simp
2845      AOT_thus Θ{ψ}  Θ{χ}
2846        using "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ ψ]
2847              "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ χ]
2848        by (metis "≡E"(6) "oth-class-taut:3:a")
2849    }
2850  qed
2851qed
2852end
2853
2854instantiation "fun" :: (AOT_Term_id_2, AOT_subst) AOT_subst
2855begin
2856
2857definition AOT_subst_cond_fun :: ('a  'b)  ('a  'b)  bool› where
2858  AOT_subst_cond_fun  λ φ ψ .  α . AOT_subst_cond (φ (AOT_term_of_var α))
2859                                                      (ψ (AOT_term_of_var α))
2860
2861inductive AOT_subst_fun :: (('a  'b)  𝗈)  bool› where
2862  AOT_subst_fun_const[AOT_substI]:
2863    AOT_subst_fun (λφ. ψ)
2864  | AOT_subst_fun_id[AOT_substI]:
2865    ‹AOT_subst Ψ  AOT_subst_fun (λφ. Ψ (φ (AOT_term_of_var α)))
2866  | AOT_subst_fun_all[AOT_substI]:
2867    ‹AOT_subst Ψ  ( α . AOT_subst_fun (Θ (AOT_term_of_var α))) 
2868     AOT_subst_fun (λφ :: 'a  'b. Ψ «α «Θ (α::'a) φ»»)
2869  | AOT_subst_fun_not[AOT_substI]:
2870    ‹AOT_subst Ψ  AOT_subst_fun (λφ. «¬«Ψ φ»»)
2871  | AOT_subst_fun_imp[AOT_substI]:
2872    ‹AOT_subst Ψ  AOT_subst Θ  AOT_subst_fun (λφ. ««Ψ φ»  «Θ φ»»)
2873  | AOT_subst_fun_lambda0[AOT_substI]:
2874    ‹AOT_subst Θ  AOT_subst_fun (λ φ. (AOT_lambda0 (Θ φ)))
2875  | AOT_subst_fun_act[AOT_substI]:
2876    ‹AOT_subst Θ  AOT_subst_fun (λ φ. «𝒜«Θ φ»»)
2877  | AOT_subst_fun_box[AOT_substI]:
2878    ‹AOT_subst Θ  AOT_subst_fun (λ φ. ««Θ φ»»)
2879  | AOT_subst_fun_def[AOT_substI]:
2880    ( φ . AOT_model_equiv_def (Θ φ) (Ψ φ)) 
2881     AOT_subst_fun Ψ  AOT_subst_fun Θ
2882
2883instance proof
2884  fix ψ χ :: 'a  'b and φ :: ('a  'b)  𝗈›
2885  assume ‹AOT_subst φ
2886  moreover assume cond: ‹AOT_subst_cond ψ χ
2887  ultimately AOT_show  «φ ψ»  «φ χ»
2888  proof(induct)
2889    case (AOT_subst_fun_const ψ)
2890    then show ?case by (simp add: "oth-class-taut:3:a")
2891  next
2892  case (AOT_subst_fun_id Ψ x)
2893  then show ?case by (simp add: AOT_subst AOT_subst_cond_fun_def) 
2894  next
2895  next
2896  case (AOT_subst_fun_all Ψ Θ)
2897  AOT_have  (Θ{α, «ψ»}  Θ{α, «χ»}) for α
2898    using AOT_subst_fun_all.hyps(3) AOT_subst_fun_all.prems RN by presburger
2899  thus ?case using AOT_subst[OF AOT_subst_fun_all(1)]
2900    by (simp add: RN "rule-sub-lem:1:d"
2901                  AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def)
2902  next
2903  case (AOT_subst_fun_not Ψ)
2904  then show ?case by (simp add: RN "rule-sub-lem:1:a")
2905  next
2906  case (AOT_subst_fun_imp Ψ Θ)
2907  then show ?case 
2908    unfolding AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def
2909    by (meson "≡E"(5) "oth-class-taut:4:c" "oth-class-taut:4:d" "→E")
2910  next
2911  case (AOT_subst_fun_lambda0 Θ)
2912  then show ?case by (simp add: RN "rule-sub-lem:1:e")
2913  next
2914  case (AOT_subst_fun_act Θ)
2915  then show ?case by (simp add: RN "rule-sub-lem:1:f")
2916  next
2917  case (AOT_subst_fun_box Θ)
2918  then show ?case by (simp add: RN "rule-sub-lem:1:g")
2919  next
2920  case (AOT_subst_fun_def Θ Ψ)
2921  then show ?case
2922    by (meson "df-rules-formulas[3]" "df-rules-formulas[4]" "≡I" "≡E"(5))
2923  qed
2924qed
2925end
2926
2927ML2928fun prove_AOT_subst_tac ctxt = REPEAT (SUBGOAL (fn (trm,_) => let
2929  fun findHeadConst (Const x) = SOME x
2930    | findHeadConst (A $ _) = findHeadConst A
2931    | findHeadConst _ = NONE
2932  fun findDef (Const (const_name‹AOT_model_equiv_def›, _) $ lhs $ _)
2933      = findHeadConst lhs
2934    | findDef (A $ B) = (case findDef A of SOME x => SOME x | _ => findDef B)
2935    | findDef (Abs (_,_,c)) = findDef c
2936    | findDef _ = NONE
2937  val const_opt = (findDef trm)
2938  val defs = case const_opt of SOME const => List.filter (fn thm => let
2939      val concl = Thm.concl_of thm
2940      val thmconst = (findDef concl)
2941      in case thmconst of SOME (c,_) => fst const = c | _ => false end)
2942      (AOT_Definitions.get ctxt)
2943      | _ => []
2944  val tac = case defs of
2945            [] => safe_step_tac (ctxt addSIs @{thms AOT_substI}) 1
2946            | _ => resolve_tac ctxt defs 1
2947  in tac end) 1)
2948fun getSubstThm ctxt reversed phi p q = let
2949val p_ty = Term.type_of p
2950val abs = HOLogic.mk_Trueprop (@{const AOT_subst(_)} $ phi)
2951val abs = Syntax.check_term ctxt abs
2952val substThm = Goal.prove ctxt [] [] abs
2953  (fn {context=ctxt, prems=_} => prove_AOT_subst_tac ctxt)
2954val substThm = substThm RS @{thm AOT_subst}
2955fun TVars_make x = x (* Next Isabelle release: = TVars.make x *)
2956val TVars_empty = [] (* Next Isabelle release: = TVars.empty *)
2957fun Vars_make x = x (* Next Isabelle release: = Vars.make x *)
2958val Vars_empty = [] (* Next Isabelle release: = Vars.empty *)
2959in if reversed then let
2960  val substThm = Drule.instantiate_normalize
2961          (TVars_empty,Vars_make [((("χ", 0), p_ty), Thm.cterm_of ctxt p),
2962          ((("ψ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2963  val substThm = substThm RS @{thm "≡E"(1)}
2964  in substThm end
2965else
2966  let
2967  val substThm = Drule.instantiate_normalize
2968          (TVars_empty,Vars_make [((("ψ", 0), p_ty), Thm.cterm_of ctxt p),
2969          ((("χ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2970  val substThm = substThm RS @{thm "≡E"(2)}
2971  in substThm end end
2972
2973
2974method_setup AOT_subst = 2975Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
2976Scan.lift (Args.embedded_inner_syntax -- Args.embedded_inner_syntax) --
2977Scan.option (Scan.lift (Args.$$$ "for" -- Args.colon) |--
2978Scan.repeat1 (Scan.lift (Args.embedded_inner_syntax) --
2979Scan.option (Scan.lift (Args.$$$ "::" |-- Args.embedded_inner_syntax))))
2980>> (fn ((reversed,(raw_p,raw_q)),raw_bounds) => (fn ctxt =>
2981(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
2982  prems = prems, asms = asms, concl = concl, schematics = _} =>
2983let
2984val thms = prems
2985val ctxt' = ctxt
2986val ctxt = Context_Position.set_visible false ctxt
2987val raw_bounds = case raw_bounds of SOME bounds => bounds | _ => []
2988
2989val ctxt = (fold (fn (bound, ty) => fn ctxt =>
2990  let
2991    val bound = AOT_read_term @{nonterminal τ'} ctxt bound
2992    val ty = Option.map (Syntax.read_typ ctxt) ty
2993    val ctxt = case ty of SOME ty => let
2994        val bound = Const ("_type_constraint_", Type ("fun", [ty,ty])) $ bound
2995        val bound = Syntax.check_term ctxt bound
2996      in Variable.declare_term bound ctxt end | _ => ctxt
2997  in ctxt end)) raw_bounds ctxt
2998
2999val p = AOT_read_term @{nonterminal φ'} ctxt raw_p
3000val p = Syntax.check_term ctxt p
3001val ctxt = Variable.declare_term p ctxt
3002val q = AOT_read_term @{nonterminal φ'} ctxt raw_q
3003val q = Syntax.check_term ctxt q
3004val ctxt = Variable.declare_term q ctxt
3005
3006val bounds = (map (fn (bound, _) =>
3007  Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt bound)
3008)) raw_bounds
3009val p = fold (fn bound => fn p =>
3010  Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,p)))
3011  bounds p
3012val p = Syntax.check_term ctxt p
3013val p_ty = Term.type_of p
3014
3015val pat = @{const Trueprop} $
3016  (@{const AOT_model_valid_in} $ Var (("w",0), @{typ w}) $
3017   (Var (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])) $ p))
3018val univ = Unify.matchers (Context.Proof ctxt) [(pat, Thm.term_of concl)]
3019val univ = hd (Seq.list_of univ) (* TODO: consider all matches *)
3020val phi = the (Envir.lookup univ
3021  (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])))
3022
3023val q = fold (fn bound => fn q =>
3024  Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,q))) bounds q
3025val q = Syntax.check_term ctxt q
3026
3027(* Reparse to report bounds as fixes. *)
3028val ctxt = Context_Position.restore_visible ctxt' ctxt
3029val ctxt' = ctxt
3030fun unsource str = fst (Input.source_content (Syntax.read_input str))
3031val (_,ctxt') = Proof_Context.add_fixes (map (fn (str,_) =>
3032  (Binding.make (unsource str, Position.none), NONE, Mixfix.NoSyn)) raw_bounds)
3033  ctxt'
3034val _ = (map (fn (x,_) =>
3035  Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt' x)))
3036  raw_bounds
3037val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_p
3038val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_q
3039val reversed = case reversed of SOME _ => true | _ => false
3040val simpThms = [@{thm AOT_subst_cond_𝗈_def}, @{thm AOT_subst_cond_fun_def}]
3041in
3042resolve_tac ctxt [getSubstThm ctxt reversed phi p q] 1
3043THEN simp_tac (ctxt addsimps simpThms) 1
3044THEN (REPEAT (resolve_tac ctxt [@{thm allI}] 1))
3045THEN (TRY (resolve_tac ctxt thms 1))
3046end
3047) ctxt 1))))
3048
3049
3050method_setup AOT_subst_def = 3051Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
3052Attrib.thm
3053>> (fn (reversed,fact) => (fn ctxt =>
3054(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3055  prems = prems, asms = asms, concl = concl, schematics = _} =>
3056let
3057val c = Thm.concl_of fact
3058val (lhs, rhs) = case c of (const‹Trueprop› $
3059    (const‹AOT_model_equiv_def› $ lhs $ rhs)) => (lhs, rhs)
3060  | _ => raise Fail "Definition expected."
3061val substCond = HOLogic.mk_Trueprop
3062  (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
3063val substCond = Syntax.check_term
3064  (Proof_Context.set_mode Proof_Context.mode_schematic ctxt)
3065  substCond
3066val simpThms = [@{thm AOT_subst_cond_𝗈_def},
3067  @{thm AOT_subst_cond_fun_def},
3068  fact RS @{thm "≡Df"}]
3069val substCondThm = Goal.prove ctxt [] [] substCond
3070  (fn {context=ctxt, prems=prems} =>
3071      (SUBGOAL (fn (trm,int) =>
3072        auto_tac (ctxt addsimps simpThms)) 1))
3073val substThm = substCondThm RSN (2,@{thm AOT_subst})
3074in
3075resolve_tac ctxt [substThm RS
3076  (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
3077THEN prove_AOT_subst_tac ctxt
3078THEN (TRY (resolve_tac ctxt prems 1))
3079end
3080) ctxt 1))))
3081
3082
3083method_setup AOT_subst_thm = 3084Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
3085Attrib.thm
3086>> (fn (reversed,fact) => (fn ctxt =>
3087(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3088  prems = prems, asms = asms, concl = concl, schematics = _} =>
3089let
3090val c = Thm.concl_of fact
3091val (lhs, rhs) = case c of
3092  (const‹Trueprop› $
3093   (const‹AOT_model_valid_in› $ _ $
3094    (const‹AOT_equiv› $ lhs $ rhs))) => (lhs, rhs)
3095  | _ => raise Fail "Equivalence expected."
3096
3097val substCond = HOLogic.mk_Trueprop
3098  (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
3099val substCond = Syntax.check_term
3100  (Proof_Context.set_mode Proof_Context.mode_schematic ctxt)
3101  substCond
3102val simpThms = [@{thm AOT_subst_cond_𝗈_def},
3103  @{thm AOT_subst_cond_fun_def},
3104  fact]
3105val substCondThm = Goal.prove ctxt [] [] substCond
3106  (fn {context=ctxt, prems=prems} =>
3107      (SUBGOAL (fn (trm,int) => auto_tac (ctxt addsimps simpThms)) 1))
3108val substThm = substCondThm RSN (2,@{thm AOT_subst})
3109in
3110resolve_tac ctxt [substThm RS
3111  (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
3112THEN prove_AOT_subst_tac ctxt
3113THEN (TRY (resolve_tac ctxt prems 1))
3114end
3115) ctxt 1))))
3116
3117
3118AOT_theorem "rule-sub-remark:1[1]":
3119  assumes  A!x  ¬E!x and ¬A!x
3120  shows ¬¬E!x
3121  by (AOT_subst (reverse) ¬E!x A!x)
3122     (auto simp: assms) 
3123
3124AOT_theorem "rule-sub-remark:1[2]":
3125  assumes  A!x  ¬E!x and  ¬¬E!x
3126  shows ¬A!x
3127  by (AOT_subst A!x ¬E!x)
3128     (auto simp: assms)
3129
3130AOT_theorem "rule-sub-remark:2[1]":
3131  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a))
3132      and p  [R]xy
3133  shows p  [R]xy & ([Q]a  ¬[Q]a)
3134  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3135
3136AOT_theorem "rule-sub-remark:2[2]":
3137  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a))
3138      and p  [R]xy & ([Q]a  ¬[Q]a)
3139  shows p  [R]xy
3140  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3141
3142AOT_theorem "rule-sub-remark:3[1]":
3143  assumes for arbitrary x:  A!x  ¬E!x
3144      and x A!x
3145    shows x ¬E!x
3146  by (AOT_subst (reverse) ¬E!x A!x for: x)
3147     (auto simp: assms)
3148
3149AOT_theorem "rule-sub-remark:3[2]":
3150  assumes for arbitrary x:  A!x  ¬E!x
3151      and x ¬E!x
3152    shows x A!x
3153  by (AOT_subst A!x ¬E!x for: x)
3154     (auto simp: assms)
3155
3156AOT_theorem "rule-sub-remark:4[1]":
3157  assumes  ¬¬[P]x  [P]x and 𝒜¬¬[P]x
3158  shows 𝒜[P]x
3159  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3160
3161AOT_theorem "rule-sub-remark:4[2]":
3162  assumes  ¬¬[P]x  [P]x and 𝒜[P]x
3163  shows 𝒜¬¬[P]x
3164  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3165
3166AOT_theorem "rule-sub-remark:5[1]":
3167  assumes  (φ  ψ)  (¬ψ  ¬φ) and (φ  ψ)
3168  shows (¬ψ  ¬φ)
3169  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3170
3171AOT_theorem "rule-sub-remark:5[2]":
3172  assumes  (φ  ψ)  (¬ψ  ¬φ) and (¬ψ  ¬φ)
3173  shows (φ  ψ) 
3174  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3175
3176AOT_theorem "rule-sub-remark:6[1]":
3177  assumes  ψ  χ and (φ  ψ)
3178  shows (φ  χ) 
3179  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3180
3181AOT_theorem "rule-sub-remark:6[2]":
3182  assumes  ψ  χ and (φ  χ)
3183  shows (φ  ψ)
3184  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3185
3186AOT_theorem "rule-sub-remark:7[1]":
3187  assumes  φ  ¬¬φ and (φ  φ)
3188  shows (¬¬φ  φ) 
3189  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3190
3191AOT_theorem "rule-sub-remark:7[2]":
3192  assumes  φ  ¬¬φ and (¬¬φ  φ)
3193  shows (φ  φ)
3194  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3195
3196AOT_theorem "KBasic2:1": ¬φ  ¬φ
3197  by (meson "conventions:5" "contraposition:2"
3198            "Hypothetical Syllogism" "df-rules-formulas[3]"
3199            "df-rules-formulas[4]" "≡I" "useful-tautologies:1")
3200
3201AOT_theorem "KBasic2:2": (φ  ψ)  (φ  ψ)
3202proof -
3203  AOT_have (φ  ψ)  ¬(¬φ & ¬ψ)
3204    by (simp add: "RE◇" "oth-class-taut:5:b")
3205  also AOT_have   ¬(¬φ & ¬ψ)
3206    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
3207  also AOT_have   ¬(¬φ & ¬ψ)
3208    using "KBasic:3" "≡E"(1) "oth-class-taut:4:b" by blast
3209  also AOT_have   ¬(¬φ & ¬ψ)
3210    using "KBasic2:1"
3211    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ;
3212        auto simp: "oth-class-taut:3:a")
3213  also AOT_have   ¬¬(φ  ψ)
3214    using "≡E"(6) "oth-class-taut:3:b" "oth-class-taut:5:b" by blast
3215  also AOT_have   φ  ψ
3216    by (simp add: "≡I" "useful-tautologies:1" "useful-tautologies:2")
3217  finally show ?thesis .
3218qed
3219
3220AOT_theorem "KBasic2:3": (φ & ψ)  (φ & ψ)
3221  by (metis "RM◇" "&I" "Conjunction Simplification"(1,2)
3222            "→I" "modus-tollens:1" "reductio-aa:1")
3223
3224AOT_theorem "KBasic2:4": (φ  ψ)  (φ  ψ)
3225proof -
3226  AOT_have (φ  ψ)  (¬φ  ψ)
3227    by (AOT_subst φ  ψ ¬φ  ψ)
3228       (auto simp: "oth-class-taut:1:c" "oth-class-taut:3:a")
3229  also AOT_have ...  ¬φ  ψ
3230    by (simp add: "KBasic2:2")
3231  also AOT_have ...  ¬φ  ψ
3232    by (AOT_subst ¬φ ¬φ)
3233       (auto simp: "KBasic:11" "oth-class-taut:3:a")
3234  also AOT_have ...  φ  ψ
3235    using "≡E"(6) "oth-class-taut:1:c" "oth-class-taut:3:a" by blast
3236  finally show ?thesis .
3237qed
3238
3239AOT_theorem "KBasic2:5": φ  ¬¬φ
3240  using "conventions:5"[THEN "≡Df"]
3241  by (AOT_subst φ ¬¬φ;
3242      AOT_subst ¬¬φ ¬¬¬¬φ;
3243      AOT_subst (reverse) ¬¬¬φ ¬φ)
3244     (auto simp: "oth-class-taut:3:b" "oth-class-taut:3:a")
3245
3246
3247AOT_theorem "KBasic2:6": (φ  ψ)  (φ  ψ)
3248proof(rule "→I"; rule "raa-cor:1")
3249  AOT_assume (φ  ψ)
3250  AOT_hence (¬φ  ψ)
3251    using "conventions:2"[THEN "≡Df"]
3252    by (AOT_subst (reverse) ¬φ  ψ φ  ψ) simp
3253  AOT_hence 1: ¬φ  ψ
3254    using "KBasic:13" "vdash-properties:10" by blast
3255  AOT_assume ¬(φ  ψ)
3256  AOT_hence ¬φ and ¬ψ
3257    using "&E" "≡E"(1) "oth-class-taut:5:d" by blast+
3258  AOT_thus ψ & ¬ψ
3259    using "&I"(1) 1[THEN "→E"] "KBasic:11" "≡E"(4) "raa-cor:3" by blast
3260qed
3261
3262AOT_theorem "KBasic2:7": ((φ  ψ) & ¬φ)  ψ
3263proof(rule "→I"; frule "&E"(1); drule "&E"(2))
3264  AOT_assume (φ  ψ)
3265  AOT_hence 1: φ  ψ
3266    using "KBasic2:6" "∨I"(2) "∨E"(1) by blast
3267  AOT_assume ¬φ
3268  AOT_hence ¬φ using "KBasic:11" "≡E"(2) by blast
3269  AOT_thus ψ using 1 "∨E"(2) by blast
3270qed
3271
3272AOT_theorem "T-S5-fund:1": φ  φ
3273  by (meson "≡dfI" "conventions:5" "contraposition:2"
3274            "Hypothetical Syllogism" "→I" "qml:2"[axiom_inst])
3275lemmas "T◇" = "T-S5-fund:1"
3276
3277AOT_theorem "T-S5-fund:2": φ  φ
3278proof(rule "→I")
3279  AOT_assume φ
3280  AOT_hence ¬¬φ
3281    using "KBasic:14" "≡E"(4) "raa-cor:3" by blast
3282  moreover AOT_have ¬φ  ¬φ
3283    by (fact "qml:3"[axiom_inst])
3284  ultimately AOT_have ¬¬φ
3285    using "modus-tollens:1" by blast
3286  AOT_thus φ using "KBasic:12" "≡E"(2) by blast
3287qed
3288lemmas "5◇" = "T-S5-fund:2"
3289
3290AOT_theorem "Act-Sub:1": 𝒜φ  ¬𝒜¬φ
3291  by (AOT_subst 𝒜¬φ ¬𝒜φ)
3292     (auto simp: "logic-actual-nec:1"[axiom_inst] "oth-class-taut:3:b")
3293
3294AOT_theorem "Act-Sub:2": φ  𝒜φ
3295  using "conventions:5"[THEN "≡Df"]
3296  by (AOT_subst φ ¬¬φ)
3297     (metis "deduction-theorem" "≡I" "≡E"(1) "≡E"(2) "≡E"(3)
3298            "logic-actual-nec:1"[axiom_inst] "qml-act:2"[axiom_inst])
3299
3300AOT_theorem "Act-Sub:3": 𝒜φ  φ
3301  using "conventions:5"[THEN "≡Df"]
3302  by (AOT_subst φ ¬¬φ)
3303     (metis "Act-Sub:1" "→I" "≡E"(4) "nec-imp-act" "reductio-aa:2" "→E")
3304
3305AOT_theorem "Act-Sub:4": 𝒜φ  𝒜φ
3306proof (rule "≡I"; rule "→I")
3307  AOT_assume 𝒜φ
3308  AOT_thus 𝒜φ using "T◇" "vdash-properties:10" by blast
3309next
3310  AOT_assume 𝒜φ
3311  AOT_hence ¬¬𝒜φ
3312    using "≡dfE" "conventions:5" by blast
3313  AOT_hence ¬𝒜¬φ
3314    by (AOT_subst 𝒜¬φ ¬𝒜φ)
3315       (simp add: "logic-actual-nec:1"[axiom_inst])
3316  AOT_thus 𝒜φ
3317    using "Act-Basic:1" "Act-Basic:6" "∨E"(3) "≡E"(4)
3318          "reductio-aa:1" by blast
3319qed
3320
3321AOT_theorem "Act-Sub:5": 𝒜φ  𝒜φ
3322  by (metis "Act-Sub:2" "Act-Sub:3" "Act-Sub:4" "→I" "≡E"(1) "≡E"(2) "→E")
3323
3324AOT_theorem "S5Basic:1": φ  φ
3325  by (simp add: "≡I" "qml:2"[axiom_inst] "qml:3"[axiom_inst])
3326
3327AOT_theorem "S5Basic:2": φ  φ
3328  by (simp add: "T◇" "5◇" "≡I")
3329
3330AOT_theorem "S5Basic:3": φ  φ
3331  using "T◇" "Hypothetical Syllogism" "qml:3"[axiom_inst] by blast
3332lemmas "B" = "S5Basic:3"
3333
3334AOT_theorem "S5Basic:4": φ  φ
3335  using "5◇" "Hypothetical Syllogism" "qml:2"[axiom_inst] by blast
3336lemmas "B◇" = "S5Basic:4"
3337
3338AOT_theorem "S5Basic:5": φ  φ
3339  using "RM:1" "B" "5◇" "Hypothetical Syllogism" by blast
3340lemmas "4" = "S5Basic:5"
3341
3342AOT_theorem "S5Basic:6": φ  φ
3343  by (simp add: "4" "≡I" "qml:2"[axiom_inst])
3344
3345AOT_theorem "S5Basic:7": φ  φ
3346  using "conventions:5"[THEN "≡Df"] "oth-class-taut:3:b"
3347  by (AOT_subst φ ¬¬φ;
3348      AOT_subst φ ¬¬φ;
3349      AOT_subst (reverse) ¬¬¬φ ¬φ;
3350      AOT_subst (reverse) ¬φ ¬φ)
3351     (auto simp: "S5Basic:6" "if-p-then-p")
3352
3353lemmas "4◇" = "S5Basic:7"
3354
3355AOT_theorem "S5Basic:8": φ  φ
3356  by (simp add: "4◇" "T◇" "≡I")
3357
3358AOT_theorem "S5Basic:9": (φ  ψ)  (φ  ψ)
3359  apply (rule "≡I"; rule "→I")
3360  using "KBasic2:6" "5◇" "∨I"(3) "if-p-then-p" "vdash-properties:10"
3361   apply blast
3362  by (meson "KBasic:15" "4" "∨I"(3) "∨E"(1) "Disjunction Addition"(1)
3363            "con-dis-taut:7" "intro-elim:1" "Commutativity of ∨")
3364
3365AOT_theorem "S5Basic:10": (φ  ψ)  (φ  ψ)
3366(* Note: nicely this proof is entirely sledgehammer generated *)
3367proof(rule "≡I"; rule "→I")
3368  AOT_assume (φ  ψ)
3369  AOT_hence φ  ψ
3370    by (meson "KBasic2:6" "∨I"(2) "∨E"(1))
3371  AOT_thus φ  ψ
3372    by (meson "B◇" "4" "4◇" "T◇" "∨I"(3))
3373next
3374  AOT_assume φ  ψ
3375  AOT_hence φ  ψ
3376    by (meson "S5Basic:1" "B◇" "S5Basic:6" "T◇" "5◇" "∨I"(3) "intro-elim:1")
3377  AOT_thus (φ  ψ)
3378    by (meson "KBasic:15" "∨I"(3) "∨E"(1) "Disjunction Addition"(1,2))
3379qed
3380
3381AOT_theorem "S5Basic:11": (φ & ψ)  (φ & ψ)
3382proof -
3383  AOT_have (φ & ψ)  ¬(¬φ  ¬ψ)
3384    by (AOT_subst φ & ψ ¬(¬φ  ¬ψ))
3385       (auto simp: "oth-class-taut:5:a" "oth-class-taut:3:a")
3386  also AOT_have   ¬(¬φ  ¬ψ)
3387    by (AOT_subst ¬ψ ¬ψ)
3388       (auto simp: "KBasic2:1" "oth-class-taut:3:a")
3389  also AOT_have   ¬(¬φ  ¬ψ)
3390    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
3391  also AOT_have   ¬(¬φ  ¬ψ)
3392    using "S5Basic:9" "≡E"(1) "oth-class-taut:4:b" by blast
3393  also AOT_have   ¬(¬φ  ¬ψ)
3394    using "KBasic2:1"
3395    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ)
3396       (auto simp:  "oth-class-taut:3:a")
3397  also AOT_have   φ & ψ
3398    using "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:a" by blast
3399  finally show ?thesis .
3400qed
3401
3402AOT_theorem "S5Basic:12": (φ & ψ)  (φ & ψ)
3403proof (rule "≡I"; rule "→I")
3404  AOT_assume (φ & ψ)
3405  AOT_hence φ & ψ
3406    using "KBasic2:3" "vdash-properties:6" by blast
3407  AOT_thus φ & ψ
3408    using "5◇" "&I" "&E"(1) "&E"(2) "vdash-properties:6" by blast
3409next
3410  AOT_assume φ & ψ
3411  moreover AOT_have (ψ & φ)  (φ & ψ)
3412    by (AOT_subst φ & ψ ψ & φ)
3413       (auto simp: "Commutativity of &" "KBasic:16")
3414  ultimately AOT_show (φ & ψ)
3415    by (metis "4" "&I" "Conjunction Simplification"(1,2) "→E")
3416qed
3417
3418AOT_theorem "S5Basic:13": (φ  ψ)  (φ  ψ)
3419proof (rule "≡I")
3420  AOT_modally_strict {
3421    AOT_have (φ  ψ)  (φ  ψ)
3422      by (meson "KBasic:13" "B◇" "Hypothetical Syllogism" "→I")
3423  }
3424  AOT_hence (φ  ψ)  (φ  ψ)
3425    by (rule RM)
3426  AOT_thus  (φ  ψ)  (φ  ψ)
3427    using "4" "Hypothetical Syllogism" by blast
3428next
3429  AOT_modally_strict {
3430    AOT_have (φ  ψ)  (φ  ψ)
3431      by (meson "B" "Hypothetical Syllogism" "→I" "qml:1"[axiom_inst])
3432  }
3433  AOT_hence  (φ  ψ)  (φ  ψ)
3434    by (rule RM)
3435  AOT_thus (φ  ψ)  (φ  ψ)
3436    using "4" "Hypothetical Syllogism" by blast
3437qed
3438
3439AOT_theorem "derived-S5-rules:1":
3440  assumes Γ  φ  ψ
3441  shows Γ  φ  ψ
3442proof -
3443  AOT_have Γ  φ  ψ
3444    using assms by (rule "RM:1[prem]")
3445  AOT_thus Γ  φ  ψ
3446    using "B" "Hypothetical Syllogism" by blast
3447qed
3448
3449AOT_theorem "derived-S5-rules:2":
3450  assumes Γ  φ  ψ
3451  shows Γ  φ  ψ
3452proof -
3453  AOT_have Γ  φ  ψ
3454    using assms by (rule "RM:2[prem]")
3455  AOT_thus Γ  φ  ψ
3456    using "B◇" "Hypothetical Syllogism" by blast
3457qed
3458
3459AOT_theorem "BFs:1": α φ{α}  α φ{α}
3460proof -
3461  AOT_modally_strict {
3462    AOT_have α φ{α}  φ{α} for α
3463      using "cqt-orig:3" by (rule "RM◇")
3464    AOT_hence α φ{α}  α φ{α}
3465      using "B◇" "∀I" "→E" "→I" by metis
3466  }
3467  thus ?thesis
3468    using "derived-S5-rules:1" by blast
3469qed
3470lemmas "BF" = "BFs:1"
3471
3472AOT_theorem "BFs:2": α φ{α}  α φ{α}
3473proof -
3474  AOT_have α φ{α}  φ{α} for α
3475    using RM "cqt-orig:3" by metis
3476  thus ?thesis
3477    using "cqt-orig:2"[THEN "→E"] "∀I" by metis
3478qed
3479lemmas "CBF" = "BFs:2"
3480
3481AOT_theorem "BFs:3": α φ{α}  α φ{α}
3482proof(rule "→I")
3483  AOT_modally_strict {
3484    AOT_have α ¬φ{α}  α ¬φ{α}
3485      using BF CBF "≡I" by blast
3486  } note θ = this
3487
3488  AOT_assume α φ{α}
3489  AOT_hence ¬¬(α φ{α})
3490    using "≡dfE" "conventions:5" by blast
3491  AOT_hence ¬α ¬φ{α}
3492    apply (AOT_subst α ¬φ{α} ¬(α φ{α}))
3493    using "≡dfI" "conventions:3" "conventions:4" "&I"
3494          "contraposition:2" "cqt-further:4"
3495          "df-rules-formulas[3]" by blast
3496  AOT_hence ¬α ¬φ{α}
3497    apply (AOT_subst (reverse) α ¬φ{α} α ¬φ{α})
3498    using θ by blast
3499  AOT_hence ¬α ¬¬¬φ{α}
3500    by (AOT_subst (reverse) ¬¬¬φ{α} ¬φ{α} for: α)
3501       (simp add: "oth-class-taut:3:b")
3502  AOT_hence α ¬¬φ{α}
3503    by (rule "conventions:4"[THEN "≡dfI"])
3504  AOT_thus α φ{α}
3505    using "conventions:5"[THEN "≡Df"]
3506    by (AOT_subst φ{α} ¬¬φ{α} for: α)
3507qed
3508lemmas "BF◇" = "BFs:3"
3509
3510AOT_theorem "BFs:4": α φ{α}  α φ{α}
3511proof(rule "→I")
3512  AOT_assume α φ{α}
3513  AOT_hence ¬α ¬φ{α}
3514    using "conventions:4"[THEN "≡dfE"] by blast
3515  AOT_hence ¬α ¬φ{α}
3516    using "KBasic2:1"
3517    by (AOT_subst ¬φ{α} ¬φ{α} for: α)
3518  moreover AOT_have α ¬φ{α}  α ¬φ{α}
3519    using "≡I" "BF" "CBF" by metis
3520  ultimately AOT_have 1: ¬α ¬φ{α}
3521    using "≡E"(3) by blast
3522  AOT_show α φ{α}
3523    apply (rule "conventions:5"[THEN "≡dfI"])
3524    apply (AOT_subst α φ{α} ¬α ¬φ{α})
3525     apply (simp add: "conventions:4" "≡Df")
3526    apply (AOT_subst ¬¬α ¬φ{α} α ¬φ{α})
3527    by (auto simp: 1 "≡I" "useful-tautologies:1" "useful-tautologies:2")
3528qed
3529lemmas "CBF◇" = "BFs:4"
3530
3531AOT_theorem "sign-S5-thm:1": α φ{α}  α φ{α}
3532proof(rule "→I")
3533  AOT_assume α φ{α}
3534  then AOT_obtain α where φ{α} using "∃E" by metis
3535  moreover AOT_have α
3536    by (simp add: "ex:1:a" "rule-ui:2[const_var]" RN)
3537  moreover AOT_have φ{τ}, τ  α φ{α} for τ
3538  proof -
3539    AOT_have φ{τ}, τ  α φ{α} using "existential:1" by blast
3540    AOT_thus φ{τ}, τ  α φ{α}
3541      using "RN[prem]"[where Γ="{φ τ, «τ»}", simplified] by blast
3542  qed
3543  ultimately AOT_show α φ{α} by blast
3544qed
3545lemmas Buridan = "sign-S5-thm:1"
3546
3547AOT_theorem "sign-S5-thm:2": α φ{α}  α φ{α}
3548proof -
3549  AOT_have α (α φ{α}  φ{α})
3550    by (simp add: "RM◇" "cqt-orig:3" "∀I")
3551  AOT_thus α φ{α}  α φ{α}
3552    using "∀E"(4) "∀I" "→E" "→I" by metis
3553qed
3554lemmas "Buridan◇" = "sign-S5-thm:2"
3555
3556AOT_theorem "sign-S5-thm:3":
3557  α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
3558  apply (rule "RM:2")
3559  by (metis (no_types, lifting) "∃E" "&I" "&E"(1) "&E"(2) "→I" "∃I"(2))
3560
3561AOT_theorem "sign-S5-thm:4": α (φ{α} & ψ{α})  α φ{α}
3562  apply (rule "RM:2")
3563  by (meson "instantiation" "&E"(1) "→I" "∃I"(2))
3564
3565AOT_theorem "sign-S5-thm:5":
3566  (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α (φ{α}  χ{α})
3567proof -
3568  {
3569    fix φ' ψ' χ'
3570    AOT_assume  φ' & ψ'  χ'
3571    AOT_hence φ' & ψ'  χ'
3572      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
3573      using "&E" "&I" "→E" "→I" by metis
3574  } note R = this
3575  show ?thesis by (rule R; fact AOT)
3576qed
3577
3578AOT_theorem "sign-S5-thm:6":
3579  (α (φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α(φ{α}  χ{α})
3580proof -
3581  {
3582    fix φ' ψ' χ'
3583    AOT_assume  φ' & ψ'  χ'
3584    AOT_hence φ' & ψ'  χ'
3585      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
3586      using "&E" "&I" "→E" "→I" by metis
3587  } note R = this
3588  show ?thesis by (rule R; fact AOT)
3589qed
3590
3591AOT_theorem "exist-nec2:1": τ  τ
3592  using "B◇" "RM◇" "Hypothetical Syllogism" "exist-nec" by blast
3593
3594AOT_theorem "exists-nec2:2": τ  τ
3595  by (meson "Act-Sub:3" "Hypothetical Syllogism" "exist-nec"
3596            "exist-nec2:1" "≡I" "nec-imp-act")
3597
3598AOT_theorem "exists-nec2:3": ¬τ  ¬τ
3599  using "KBasic2:1" "→I" "exist-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3600
3601AOT_theorem "exists-nec2:4": ¬τ  ¬τ
3602  by (metis "Act-Sub:3" "KBasic:12" "→I" "exist-nec" "exists-nec2:3"
3603            "≡I" "≡E"(4) "nec-imp-act" "reductio-aa:1")
3604
3605AOT_theorem "id-nec2:1": α = β  α = β
3606  using "B◇" "RM◇" "Hypothetical Syllogism" "id-nec:1" by blast
3607
3608AOT_theorem "id-nec2:2": α  β  α  β
3609  apply (AOT_subst α  β ¬(α = β))
3610  using "=-infix"[THEN "≡Df"] apply blast
3611  using "KBasic2:1" "→I" "id-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3612
3613AOT_theorem "id-nec2:3": α  β  α  β
3614  apply (AOT_subst α  β ¬(α = β))
3615  using "=-infix"[THEN "≡Df"] apply blast
3616  by (metis "KBasic:11" "→I" "id-nec:2" "≡E"(3) "reductio-aa:2" "→E")
3617
3618AOT_theorem "id-nec2:4": α = β  α = β
3619  using "Hypothetical Syllogism" "id-nec2:1" "id-nec:1" by blast
3620
3621AOT_theorem "id-nec2:5": α  β  α  β
3622  using "id-nec2:3" "id-nec2:2" "→I" "→E" by metis
3623
3624AOT_theorem "sc-eq-box-box:1": (φ  φ)  (φ  φ)
3625  apply (rule "≡I"; rule "→I")
3626  using "KBasic:13" "5◇" "Hypothetical Syllogism" "→E" apply blast
3627  by (metis "KBasic2:1" "KBasic:1" "KBasic:2" "S5Basic:13" "≡E"(2)
3628            "raa-cor:5" "→E")
3629
3630AOT_theorem "sc-eq-box-box:2": ((φ  φ)  (φ  φ))  (φ  φ)
3631  by (metis "Act-Sub:3" "KBasic:13" "5◇" "∨E"(2) "→I" "≡I"
3632            "nec-imp-act" "raa-cor:2" "→E")
3633
3634AOT_theorem "sc-eq-box-box:3": (φ  φ)  (¬φ  ¬φ)
3635proof (rule "→I"; rule "≡I"; rule "→I")
3636  AOT_assume (φ  φ)
3637  AOT_hence φ  φ using "sc-eq-box-box:1" "≡E" by blast
3638  moreover AOT_assume ¬φ
3639  ultimately AOT_have ¬φ
3640    using "modus-tollens:1" by blast
3641  AOT_thus ¬φ
3642    using "KBasic2:1" "≡E"(2) by blast
3643next
3644  AOT_assume (φ  φ)
3645  moreover AOT_assume ¬φ
3646  ultimately AOT_show ¬φ
3647    using "modus-tollens:1" "qml:2"[axiom_inst] "→E" by blast
3648qed
3649
3650AOT_theorem "sc-eq-box-box:4":
3651  ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3652proof(rule "→I"; rule "→I")
3653  AOT_assume θ: (φ  φ) & (ψ  ψ)
3654  AOT_assume ξ: φ  ψ
3655  AOT_hence (φ & ψ)  (¬φ & ¬ψ)
3656    using "≡E"(4) "oth-class-taut:4:g" "raa-cor:3" by blast
3657  moreover {
3658    AOT_assume φ & ψ
3659    AOT_hence (φ  ψ)
3660      using "KBasic:3" "KBasic:8" "≡E"(2) "vdash-properties:10" by blast
3661  }
3662  moreover {
3663    AOT_assume ¬φ & ¬ψ
3664    moreover AOT_have ¬φ  ¬φ and ¬ψ  ¬ψ
3665      using θ "Conjunction Simplification"(1,2)
3666            "sc-eq-box-box:3" "→E" by metis+
3667    ultimately AOT_have ¬φ & ¬ψ
3668      by (metis "&I" "Conjunction Simplification"(1,2)
3669                "≡E"(4) "modus-tollens:1" "raa-cor:3")
3670    AOT_hence (φ  ψ)
3671      using "KBasic:3" "KBasic:9" "≡E"(2) "→E" by blast
3672  }
3673  ultimately AOT_show (φ  ψ)
3674    using "∨E"(2) "reductio-aa:1" by blast
3675qed
3676
3677AOT_theorem "sc-eq-box-box:5":
3678  ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3679proof (rule "→I")
3680  AOT_assume ((φ  φ) & (ψ  ψ))
3681  AOT_hence ((φ  φ) & (ψ  ψ))
3682    using 4[THEN "→E"] "&E" "&I" "KBasic:3" "≡E"(2) by metis
3683  moreover AOT_have ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3684  proof (rule RM; rule "→I"; rule "→I")
3685    AOT_modally_strict {
3686      AOT_assume A: ((φ  φ) & (ψ  ψ))
3687      AOT_hence φ  φ and ψ  ψ
3688        using "&E" "qml:2"[axiom_inst] "→E" by blast+
3689      moreover AOT_assume φ  ψ
3690      ultimately AOT_have φ  ψ
3691        using "→E" "qml:2"[axiom_inst] "≡E" "≡I" by meson
3692      moreover AOT_have (φ  ψ)  (φ  ψ)
3693        using A "sc-eq-box-box:4" "→E" by blast
3694      ultimately AOT_show (φ  ψ) using "→E" by blast
3695    }
3696  qed
3697  ultimately AOT_show ((φ  ψ)  (φ  ψ)) using "→E" by blast
3698qed
3699
3700AOT_theorem "sc-eq-box-box:6": (φ  φ)  ((φ  ψ)  (φ  ψ))
3701proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3702  AOT_assume ¬(φ  ψ)
3703  AOT_hence ¬(φ  ψ)
3704    by (metis "KBasic:11" "≡E"(1))
3705  AOT_hence (φ & ¬ψ)
3706    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3707       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3708  AOT_hence φ and 2: ¬ψ
3709    using "KBasic2:3"[THEN "→E"] "&E" by blast+
3710  moreover AOT_assume (φ  φ)
3711  ultimately AOT_have φ
3712    by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3713  AOT_hence φ
3714    using "qml:2"[axiom_inst, THEN "→E"] by blast
3715  moreover AOT_assume φ  ψ
3716  ultimately AOT_have ψ
3717    using "→E" by blast
3718  moreover AOT_have ¬ψ
3719    using 2 "KBasic:12" "¬¬I" "intro-elim:3:d" by blast
3720  ultimately AOT_show ψ & ¬ψ
3721    using "&I" by blast
3722qed
3723
3724AOT_theorem "sc-eq-box-box:7": (φ  φ)  ((φ  𝒜ψ)  𝒜(φ  ψ))
3725proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3726  AOT_assume ¬𝒜(φ  ψ)
3727  AOT_hence 𝒜¬(φ  ψ)
3728    by (metis "Act-Basic:1" "∨E"(2))
3729  AOT_hence 𝒜(φ & ¬ψ)
3730    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3731       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3732  AOT_hence 𝒜φ and 2: 𝒜¬ψ
3733    using "Act-Basic:2"[THEN "≡E"(1)] "&E" by blast+
3734  AOT_hence φ
3735    by (metis "Act-Sub:3" "→E")
3736  moreover AOT_assume (φ  φ)
3737  ultimately AOT_have φ
3738    by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3739  AOT_hence φ
3740    using "qml:2"[axiom_inst, THEN "→E"] by blast
3741  moreover AOT_assume φ  𝒜ψ
3742  ultimately AOT_have 𝒜ψ
3743    using "→E" by blast
3744  moreover AOT_have ¬𝒜ψ
3745    using 2 by (meson "Act-Sub:1" "≡E"(4) "raa-cor:3")
3746  ultimately AOT_show 𝒜ψ & ¬𝒜ψ
3747    using "&I" by blast
3748qed
3749
3750AOT_theorem "sc-eq-fur:1": 𝒜φ  𝒜φ
3751  using "Act-Basic:6" "Act-Sub:4" "≡E"(6) by blast
3752
3753AOT_theorem "sc-eq-fur:2": (φ  φ)  (𝒜φ  φ)
3754  by (metis "B◇" "Act-Sub:3" "KBasic:13" "T◇" "Hypothetical Syllogism"
3755            "→I" "≡I" "nec-imp-act")
3756
3757AOT_theorem "sc-eq-fur:3":
3758  x (φ{x}  φ{x})  (∃!x φ{x}  ιx φ{x})
3759proof (rule "→I"; rule "→I")
3760  AOT_assume x (φ{x}  φ{x})
3761  AOT_hence A: x (φ{x}  φ{x})
3762    using CBF "→E" by blast
3763  AOT_assume ∃!x φ{x}
3764  then AOT_obtain a where a_def: φ{a} & y (φ{y}  y = a)
3765    using "∃E"[rotated 1, OF "uniqueness:1"[THEN "≡dfE"]] by blast
3766  moreover AOT_have φ{a}
3767    using calculation A "∀E"(2) "qml:2"[axiom_inst] "→E" "&E"(1) by blast
3768  AOT_hence 𝒜φ{a}
3769    using "nec-imp-act" "→E" by blast
3770  moreover AOT_have y (𝒜φ{y}  y = a)
3771  proof (rule "∀I"; rule "→I")
3772    fix b
3773    AOT_assume 𝒜φ{b}
3774    AOT_hence φ{b}
3775      using "Act-Sub:3" "→E" by blast
3776    moreover {
3777      AOT_have (φ{b}  φ{b})
3778        using A "∀E"(2) by blast
3779      AOT_hence φ{b}  φ{b}
3780        using "KBasic:13" "5◇" "Hypothetical Syllogism" "→E" by blast
3781    }
3782    ultimately AOT_have φ{b}
3783      using "→E" by blast
3784    AOT_hence φ{b}
3785      using "qml:2"[axiom_inst] "→E" by blast
3786    AOT_thus b = a
3787      using a_def[THEN "&E"(2)] "∀E"(2) "→E" by blast
3788  qed
3789  ultimately AOT_have 𝒜φ{a} & y (𝒜φ{y}  y = a)
3790    using "&I" by blast
3791  AOT_hence x (𝒜φ{x} & y (𝒜φ{y}  y = x))
3792    using "∃I" by fast
3793  AOT_hence ∃!x 𝒜φ{x}
3794    using "uniqueness:1"[THEN "≡dfI"] by fast
3795  AOT_thus ιx φ{x}
3796    using "actual-desc:1"[THEN "≡E"(2)] by blast
3797qed
3798
3799AOT_theorem "sc-eq-fur:4":
3800x (φ{x}  φ{x})  (x = ιx φ{x}  (φ{x} & z (φ{z}  z = x)))
3801proof (rule "→I")
3802  AOT_assume x (φ{x}  φ{x})
3803  AOT_hence x (φ{x}  φ{x})
3804    using CBF "→E" by blast
3805  AOT_hence A: 𝒜φ{α}  φ{α} for α
3806    using "sc-eq-fur:2" "∀E" "→E" by fast
3807  AOT_show x = ιx φ{x}  (φ{x} & z (φ{z}  z = x))
3808  proof (rule "≡I"; rule "→I")
3809    AOT_assume x = ιx φ{x}
3810    AOT_hence B: 𝒜φ{x} & z (𝒜φ{z}  z = x)
3811      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
3812    AOT_show φ{x} & z (φ{z}  z = x)
3813    proof (rule "&I"; (rule "∀I"; rule "→I")?)
3814      AOT_show φ{x}
3815        using A B[THEN "&E"(1)] "≡E"(1) by blast
3816    next
3817      AOT_show z = x if φ{z} for z
3818        using that B[THEN "&E"(2)] "∀E"(2) "→E" A[THEN "≡E"(2)] by blast
3819    qed
3820  next
3821    AOT_assume B: φ{x} & z (φ{z}  z = x)
3822    AOT_have 𝒜φ{x} & z (𝒜φ{z}  z = x)
3823    proof(rule "&I"; (rule "∀I"; rule "→I")?)
3824      AOT_show 𝒜φ{x}
3825        using B[THEN "&E"(1)] A[THEN "≡E"(2)] by blast
3826    next
3827      AOT_show b = x if 𝒜φ{b} for b
3828        using A[THEN "≡E"(1)] that
3829              B[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] by blast
3830    qed
3831    AOT_thus x = ιx φ{x}
3832      using "nec-hintikka-scheme"[THEN "≡E"(2)] by blast
3833  qed
3834qed
3835
3836AOT_theorem "id-act:1": α = β  𝒜α = β
3837  by (meson "Act-Sub:3" "Hypothetical Syllogism"
3838            "id-nec2:1" "id-nec:2" "≡I" "nec-imp-act")
3839
3840AOT_theorem "id-act:2": α  β  𝒜α  β
3841proof (AOT_subst α  β ¬(α = β))
3842  AOT_modally_strict {
3843    AOT_show α  β  ¬(α = β)
3844      by (simp add: "=-infix" "≡Df")
3845  }
3846next
3847  AOT_show ¬(α = β)  𝒜¬(α = β)
3848  proof (safe intro!: "≡I" "→I")
3849    AOT_assume ¬α = β
3850    AOT_hence ¬𝒜α = β using "id-act:1" "≡E"(3) by blast
3851    AOT_thus 𝒜¬α = β
3852      using "¬¬E" "Act-Sub:1" "≡E"(3) by blast
3853  next
3854    AOT_assume 𝒜¬α = β
3855    AOT_hence ¬𝒜α = β
3856      using "¬¬I" "Act-Sub:1" "≡E"(4) by blast
3857    AOT_thus ¬α = β
3858      using "id-act:1" "≡E"(4) by blast
3859  qed
3860qed
3861
3862AOT_theorem "A-Exists:1": 𝒜∃!α φ{α}  ∃!α 𝒜φ{α}
3863proof -
3864  AOT_have 𝒜∃!α φ{α}  𝒜αβ (φ{β}  β = α)
3865    by (AOT_subst ∃!α φ{α} αβ (φ{β}  β = α))
3866       (auto simp add: "oth-class-taut:3:a" "uniqueness:2")
3867  also AOT_have   α 𝒜β (φ{β}  β = α)
3868    by (simp add: "Act-Basic:10")
3869  also AOT_have   αβ 𝒜(φ{β}  β = α)
3870    by (AOT_subst 𝒜β (φ{β}  β = α) β 𝒜(φ{β}  β = α) for: α)
3871       (auto simp: "logic-actual-nec:3"[axiom_inst] "oth-class-taut:3:a")
3872  also AOT_have   αβ (𝒜φ{β}  𝒜β = α)
3873    by (AOT_subst (reverse) 𝒜φ{β}  𝒜β = α
3874                            𝒜(φ{β}  β = α) for: α β :: 'a)
3875       (auto simp: "Act-Basic:5" "cqt-further:7")
3876  also AOT_have   αβ (𝒜φ{β}  β = α)
3877    by (AOT_subst (reverse) 𝒜β = α β = α for: α β :: 'a)
3878       (auto simp: "id-act:1" "cqt-further:7")
3879  also AOT_have ...  ∃!α 𝒜φ{α}
3880    using "uniqueness:2" "Commutativity of ≡"[THEN "≡E"(1)] by fast
3881  finally show ?thesis.
3882qed
3883
3884AOT_theorem "A-Exists:2": ιx φ{x}  𝒜∃!x φ{x}
3885  by (AOT_subst 𝒜∃!x φ{x} ∃!x 𝒜φ{x})
3886     (auto simp: "actual-desc:1" "A-Exists:1")
3887
3888AOT_theorem "id-act-desc:1": ιx (x = y)
3889proof(rule "existence:1"[THEN "≡dfI"]; rule "∃I")
3890  AOT_show x E!x  E!x]ιx (x = y)
3891  proof (rule "russell-axiom[exe,1].nec-russell-axiom"[THEN "≡E"(2)];
3892         rule "∃I"; (rule "&I")+)
3893    AOT_show 𝒜y = y by (simp add: "RA[2]" "id-eq:1")
3894  next
3895    AOT_show z (𝒜z = y  z = y)
3896      apply (rule "∀I")
3897      using "id-act:1"[THEN "≡E"(2)] "→I" by blast
3898  next
3899    AOT_show x E!x  E!x]y
3900    proof (rule "lambda-predicates:2"[axiom_inst, THEN "→E", THEN "≡E"(2)])
3901      AOT_show x E!x  E!x]
3902        by "cqt:2[lambda]"
3903    next
3904      AOT_show E!y  E!y 
3905        by (simp add: "if-p-then-p")
3906    qed
3907  qed
3908next
3909  AOT_show x E!x  E!x]
3910    by "cqt:2[lambda]"
3911qed
3912
3913AOT_theorem "id-act-desc:2": y = ιx (x = y)
3914  by (rule descriptions[axiom_inst, THEN "≡E"(2)];
3915      rule "∀I"; rule "id-act:1"[symmetric])
3916
3917AOT_theorem "pre-en-eq:1[1]": x1[F]  x1[F]
3918  by (simp add: encoding "vdash-properties:1[2]")
3919
3920AOT_theorem "pre-en-eq:1[2]": x1x2[F]  x1x2[F]
3921proof (rule "→I")
3922  AOT_assume x1x2[F]
3923  AOT_hence x1y [F]yx2] and x2y [F]x1y]
3924    using "nary-encoding[2]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3925  moreover AOT_have y [F]yx2] by "cqt:2"
3926  moreover AOT_have y [F]x1y] by "cqt:2"
3927  ultimately AOT_have x1y [F]yx2] and x2y [F]x1y]
3928    using encoding[axiom_inst, unvarify F] "→E" "&I" by blast+
3929  note A = this
3930  AOT_hence (x1y [F]yx2] & x2y [F]x1y])
3931    using "KBasic:3"[THEN "≡E"(2)] "&I" by blast
3932  AOT_thus x1x2[F]
3933    by (rule "nary-encoding[2]"[axiom_inst, THEN RN,
3934                                THEN "KBasic:6"[THEN "→E"],
3935                                THEN "≡E"(2)])
3936qed
3937
3938AOT_theorem "pre-en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3939proof (rule "→I")
3940  AOT_assume x1x2x3[F]
3941  AOT_hence x1y [F]yx2x3]
3942        and x2y [F]x1yx3]
3943        and x3y [F]x1x2y]
3944    using "nary-encoding[3]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3945  moreover AOT_have y [F]yx2x3] by "cqt:2"
3946  moreover AOT_have y [F]x1yx3] by "cqt:2"
3947  moreover AOT_have y [F]x1x2y] by "cqt:2"
3948  ultimately AOT_have x1y [F]yx2x3]
3949                  and x2y [F]x1yx3]
3950                  and x3y [F]x1x2y]
3951    using encoding[axiom_inst, unvarify F] "→E" by blast+
3952  note A = this
3953  AOT_have B: (x1y [F]yx2x3] & x2y [F]x1yx3] & x3y [F]x1x2y])
3954    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3955  AOT_thus x1x2x3[F]
3956    by (rule "nary-encoding[3]"[axiom_inst, THEN RN,
3957                THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3958qed
3959
3960AOT_theorem "pre-en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3961proof (rule "→I")
3962  AOT_assume x1x2x3x4[F]
3963  AOT_hence x1y [F]yx2x3x4]
3964        and x2y [F]x1yx3x4]
3965        and x3y [F]x1x2yx4]
3966        and x4y [F]x1x2x3y]
3967    using "nary-encoding[4]"[axiom_inst, THEN "≡E"(1)] "&E" by metis+
3968  moreover AOT_have y [F]yx2x3x4] by "cqt:2"
3969  moreover AOT_have y [F]x1yx3x4] by "cqt:2"
3970  moreover AOT_have y [F]x1x2yx4] by "cqt:2"
3971  moreover AOT_have y [F]x1x2x3y] by "cqt:2"
3972  ultimately AOT_have x1y [F]yx2x3x4]
3973                  and x2y [F]x1yx3x4]
3974                  and x3y [F]x1x2yx4]
3975                  and x4y [F]x1x2x3y]
3976    using "→E" encoding[axiom_inst, unvarify F] by blast+
3977  note A = this
3978  AOT_have B: (x1y [F]yx2x3x4] &
3979                  x2y [F]x1yx3x4] &
3980                  x3y [F]x1x2yx4] &
3981                  x4y [F]x1x2x3y])
3982    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3983  AOT_thus x1x2x3x4[F]
3984    by (rule "nary-encoding[4]"[axiom_inst, THEN RN,
3985              THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3986qed
3987
3988AOT_theorem "pre-en-eq:2[1]": ¬x1[F]  ¬x1[F]
3989proof (rule "→I"; rule "raa-cor:1")
3990  AOT_assume ¬¬x1[F]
3991  AOT_hence x1[F]
3992    by (rule "conventions:5"[THEN "≡dfI"])
3993  AOT_hence x1[F]
3994    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[1]"[THEN RN],
3995              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3996  moreover AOT_assume ¬x1[F]
3997  ultimately AOT_show x1[F] & ¬x1[F] by (rule "&I")
3998qed
3999AOT_theorem "pre-en-eq:2[2]": ¬x1x2[F]  ¬x1x2[F]
4000proof (rule "→I"; rule "raa-cor:1")
4001  AOT_assume ¬¬x1x2[F]
4002  AOT_hence x1x2[F]
4003    by (rule "conventions:5"[THEN "≡dfI"])
4004  AOT_hence x1x2[F]
4005    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[2]"[THEN RN],
4006              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4007  moreover AOT_assume ¬x1x2[F]
4008  ultimately AOT_show x1x2[F] & ¬x1x2[F] by (rule "&I")
4009qed
4010
4011AOT_theorem "pre-en-eq:2[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4012proof (rule "→I"; rule "raa-cor:1")
4013  AOT_assume ¬¬x1x2x3[F]
4014  AOT_hence x1x2x3[F]
4015    by (rule "conventions:5"[THEN "≡dfI"])
4016  AOT_hence x1x2x3[F]
4017    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[3]"[THEN RN],
4018              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4019  moreover AOT_assume ¬x1x2x3[F]
4020  ultimately AOT_show x1x2x3[F] & ¬x1x2x3[F] by (rule "&I")
4021qed
4022
4023AOT_theorem "pre-en-eq:2[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4024proof (rule "→I"; rule "raa-cor:1")
4025  AOT_assume ¬¬x1x2x3x4[F]
4026  AOT_hence x1x2x3x4[F]
4027    by (rule "conventions:5"[THEN "≡dfI"])
4028  AOT_hence x1x2x3x4[F]
4029    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[4]"[THEN RN],
4030                         THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4031  moreover AOT_assume ¬x1x2x3x4[F]
4032  ultimately AOT_show x1x2x3x4[F] & ¬x1x2x3x4[F] by (rule "&I")
4033qed
4034
4035AOT_theorem "en-eq:1[1]": x1[F]  x1[F]
4036  using "pre-en-eq:1[1]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
4037AOT_theorem "en-eq:1[2]": x1x2[F]  x1x2[F]
4038  using "pre-en-eq:1[2]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
4039AOT_theorem "en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
4040  using "pre-en-eq:1[3]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
4041AOT_theorem "en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
4042  using "pre-en-eq:1[4]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
4043
4044AOT_theorem "en-eq:2[1]": x1[F]  x1[F]
4045  by (simp add: "≡I" "pre-en-eq:1[1]" "qml:2"[axiom_inst])
4046AOT_theorem "en-eq:2[2]": x1x2[F]  x1x2[F]
4047  by (simp add: "≡I" "pre-en-eq:1[2]" "qml:2"[axiom_inst])
4048AOT_theorem "en-eq:2[3]": x1x2x3[F]  x1x2x3[F]
4049  by (simp add: "≡I" "pre-en-eq:1[3]" "qml:2"[axiom_inst])
4050AOT_theorem "en-eq:2[4]": x1x2x3x4[F]  x1x2x3x4[F]
4051  by (simp add: "≡I" "pre-en-eq:1[4]" "qml:2"[axiom_inst])
4052
4053AOT_theorem "en-eq:3[1]": x1[F]  x1[F]
4054  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[1]"] "≡I" by blast
4055AOT_theorem "en-eq:3[2]": x1x2[F]  x1x2[F]
4056  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[2]"] "≡I" by blast
4057AOT_theorem "en-eq:3[3]": x1x2x3[F]  x1x2x3[F]
4058  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[3]"] "≡I" by blast
4059AOT_theorem "en-eq:3[4]": x1x2x3x4[F]  x1x2x3x4[F]
4060  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[4]"] "≡I" by blast
4061
4062AOT_theorem "en-eq:4[1]":
4063  (x1[F]  y1[G])  (x1[F]  y1[G])
4064  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4065  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[1]" by blast+
4066AOT_theorem "en-eq:4[2]":
4067  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4068  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4069  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[2]" by blast+
4070AOT_theorem "en-eq:4[3]":
4071  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4072  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4073  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[3]" by blast+
4074AOT_theorem "en-eq:4[4]":
4075  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4076  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4077  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[4]" by blast+
4078
4079AOT_theorem "en-eq:5[1]":
4080  (x1[F]  y1[G])  (x1[F]  y1[G])
4081  apply (rule "≡I"; rule "→I")
4082  using "en-eq:4[1]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4083   apply blast
4084  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4085        "&I"[OF "pre-en-eq:1[1]"[THEN RN], OF "pre-en-eq:1[1]"[THEN RN]]
4086  by blast
4087AOT_theorem "en-eq:5[2]":
4088  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4089  apply (rule "≡I"; rule "→I")
4090  using "en-eq:4[2]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4091   apply blast
4092  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4093        "&I"[OF "pre-en-eq:1[2]"[THEN RN], OF "pre-en-eq:1[2]"[THEN RN]]
4094  by blast
4095AOT_theorem "en-eq:5[3]":
4096  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4097  apply (rule "≡I"; rule "→I")
4098  using "en-eq:4[3]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4099   apply blast
4100  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4101        "&I"[OF "pre-en-eq:1[3]"[THEN RN], OF "pre-en-eq:1[3]"[THEN RN]]
4102  by blast
4103AOT_theorem "en-eq:5[4]":
4104  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4105  apply (rule "≡I"; rule "→I")
4106  using "en-eq:4[4]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4107   apply blast
4108  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4109        "&I"[OF "pre-en-eq:1[4]"[THEN RN], OF "pre-en-eq:1[4]"[THEN RN]]
4110  by blast
4111
4112AOT_theorem "en-eq:6[1]":
4113  (x1[F]  y1[G])  (x1[F]  y1[G])
4114  using "en-eq:5[1]"[symmetric] "en-eq:4[1]" "≡E"(5) by fast
4115AOT_theorem "en-eq:6[2]":
4116  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4117  using "en-eq:5[2]"[symmetric] "en-eq:4[2]" "≡E"(5) by fast
4118AOT_theorem "en-eq:6[3]":
4119  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4120  using "en-eq:5[3]"[symmetric] "en-eq:4[3]" "≡E"(5) by fast
4121AOT_theorem "en-eq:6[4]":
4122  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4123  using "en-eq:5[4]"[symmetric] "en-eq:4[4]" "≡E"(5) by fast
4124
4125AOT_theorem "en-eq:7[1]": ¬x1[F]  ¬x1[F]
4126  using "pre-en-eq:2[1]" "qml:2"[axiom_inst] "≡I" by blast
4127AOT_theorem "en-eq:7[2]": ¬x1x2[F]  ¬x1x2[F]
4128  using "pre-en-eq:2[2]" "qml:2"[axiom_inst] "≡I" by blast
4129AOT_theorem "en-eq:7[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4130  using "pre-en-eq:2[3]" "qml:2"[axiom_inst] "≡I" by blast
4131AOT_theorem "en-eq:7[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4132  using "pre-en-eq:2[4]" "qml:2"[axiom_inst] "≡I" by blast
4133
4134AOT_theorem "en-eq:8[1]": ¬x1[F]  ¬x1[F]
4135  using "en-eq:2[1]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4136        "KBasic:11" "≡E"(5)[symmetric] by blast
4137AOT_theorem "en-eq:8[2]": ¬x1x2[F]  ¬x1x2[F]
4138  using "en-eq:2[2]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4139        "KBasic:11" "≡E"(5)[symmetric] by blast
4140AOT_theorem "en-eq:8[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4141  using "en-eq:2[3]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4142        "KBasic:11" "≡E"(5)[symmetric] by blast
4143AOT_theorem "en-eq:8[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4144  using "en-eq:2[4]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4145        "KBasic:11" "≡E"(5)[symmetric] by blast
4146
4147AOT_theorem "en-eq:9[1]": ¬x1[F]  ¬x1[F]
4148  using "en-eq:7[1]" "en-eq:8[1]" "≡E"(5) by blast
4149AOT_theorem "en-eq:9[2]": ¬x1x2[F]  ¬x1x2[F]
4150  using "en-eq:7[2]" "en-eq:8[2]" "≡E"(5) by blast
4151AOT_theorem "en-eq:9[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4152  using "en-eq:7[3]" "en-eq:8[3]" "≡E"(5) by blast
4153AOT_theorem "en-eq:9[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4154  using "en-eq:7[4]" "en-eq:8[4]" "≡E"(5) by blast
4155
4156AOT_theorem "en-eq:10[1]": 𝒜x1[F]  x1[F]
4157  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4158            "nec-imp-act" "en-eq:3[1]" "pre-en-eq:1[1]")
4159AOT_theorem "en-eq:10[2]": 𝒜x1x2[F]  x1x2[F]
4160  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4161            "nec-imp-act" "en-eq:3[2]" "pre-en-eq:1[2]")
4162AOT_theorem "en-eq:10[3]": 𝒜x1x2x3[F]  x1x2x3[F]
4163  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4164            "nec-imp-act" "en-eq:3[3]" "pre-en-eq:1[3]")
4165AOT_theorem "en-eq:10[4]": 𝒜x1x2x3x4[F]  x1x2x3x4[F]
4166  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4167            "nec-imp-act" "en-eq:3[4]" "pre-en-eq:1[4]")
4168
4169AOT_theorem "oa-facts:1": O!x  O!x
4170proof(rule "→I")
4171  AOT_modally_strict {
4172    AOT_have x E!x]x  E!x
4173      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
4174  } note θ = this
4175  AOT_assume O!x
4176  AOT_hence x E!x]x
4177    by (rule "=dfE"(2)[OF AOT_ordinary, rotated 1]) "cqt:2"
4178  AOT_hence E!x using θ[THEN "≡E"(1)] by blast
4179  AOT_hence E!x using "qml:3"[axiom_inst, THEN "→E"] by blast
4180  AOT_hence x E!x]x
4181    by (AOT_subst x E!x]x E!x)
4182       (auto simp: θ)
4183  AOT_thus O!x
4184    by (rule "=dfI"(2)[OF AOT_ordinary, rotated 1]) "cqt:2"
4185qed
4186
4187AOT_theorem "oa-facts:2": A!x  A!x
4188proof(rule "→I")
4189  AOT_modally_strict {
4190    AOT_have x ¬E!x]x  ¬E!x
4191      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
4192  } note θ = this
4193  AOT_assume A!x
4194  AOT_hence x ¬E!x]x
4195    by (rule "=dfE"(2)[OF AOT_abstract, rotated 1]) "cqt:2"
4196  AOT_hence ¬E!x using θ[THEN "≡E"(1)] by blast
4197  AOT_hence ¬E!x using "KBasic2:1"[THEN "≡E"(2)] by blast
4198  AOT_hence ¬E!x using "4"[THEN "→E"] by blast
4199  AOT_hence ¬E!x
4200    using "KBasic2:1"
4201    by (AOT_subst (reverse) ¬E!x ¬E!x) blast
4202  AOT_hence x ¬E!x]x
4203    by (AOT_subst x ¬E!x]x ¬E!x)
4204       (auto simp: θ)
4205  AOT_thus A!x
4206    by (rule "=dfI"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
4207qed
4208
4209AOT_theorem "oa-facts:3": O!x  O!x
4210  using "oa-facts:1" "B◇" "RM◇" "Hypothetical Syllogism" by blast
4211AOT_theorem "oa-facts:4": A!x  A!x
4212  using "oa-facts:2" "B◇" "RM◇" "Hypothetical Syllogism" by blast
4213
4214AOT_theorem "oa-facts:5": O!x  O!x
4215  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4216            "oa-facts:1" "oa-facts:3")
4217
4218AOT_theorem "oa-facts:6": A!x  A!x
4219  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4220            "oa-facts:2" "oa-facts:4")
4221
4222AOT_theorem "oa-facts:7": O!x  𝒜O!x
4223  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4224            "oa-facts:1" "oa-facts:3")
4225
4226AOT_theorem "oa-facts:8": A!x  𝒜A!x
4227  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4228            "oa-facts:2" "oa-facts:4")
4229
4230subsection‹The Theory of Relations›
4231text‹\label{PLM: 9.10}›
4232
4233AOT_theorem "beta-C-meta":
4234  μ1...μn φ{μ1...μn, ν1...νn}] 
4235   (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
4236  using "lambda-predicates:2"[axiom_inst] by blast
4237
4238AOT_theorem "beta-C-cor:1":
4239  (ν1...∀νn(μ1...μn φ{μ1...μn, ν1...νn}])) 
4240   ν1...∀νn (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
4241  apply (rule "cqt-basic:14"[where 'a='a, THEN "→E"])
4242  using "beta-C-meta" "∀I" by fast
4243
4244AOT_theorem "beta-C-cor:2":
4245  μ1...μn φ{μ1...μn}] 
4246   ν1...∀νn (μ1...μn φ{μ1...μn}]ν1...νn  φ{ν1...νn})
4247  apply (rule "→I"; rule "∀I")
4248  using "beta-C-meta"[THEN "→E"] by fast
4249
4250(* TODO: syntax *)
4251theorem "beta-C-cor:3":
4252  assumes ν1νn. AOT_instance_of_cqt_2 (φ (AOT_term_of_var ν1νn))
4253  shows [v  ν1...∀νn (μ1...μn φ{ν1...νn, μ1...μn}]ν1...νn 
4254                         φ{ν1...νn, ν1...νn})]
4255  using "cqt:2[lambda]"[axiom_inst, OF assms]
4256        "beta-C-cor:1"[THEN "→E"] "∀I" by fast
4257
4258AOT_theorem "betaC:1:a": μ1...μn φ{μ1...μn}]κ1...κn  φ{κ1...κn}
4259proof -
4260  AOT_modally_strict {
4261    AOT_assume μ1...μn φ{μ1...μn}]κ1...κn
4262    moreover AOT_have μ1...μn φ{μ1...μn}] and κ1...κn
4263      using calculation "cqt:5:a"[axiom_inst, THEN "→E"] "&E" by blast+
4264    ultimately AOT_show φ{κ1...κn}
4265      using "beta-C-cor:2"[THEN "→E", THEN "∀E"(1), THEN "≡E"(1)] by blast
4266  }
4267qed
4268
4269AOT_theorem "betaC:1:b": ¬φ{κ1...κn}  ¬μ1...μn φ{μ1...μn}]κ1...κn
4270  using "betaC:1:a" "raa-cor:3" by blast
4271
4272lemmas "β→C" = "betaC:1:a" "betaC:1:b"
4273
4274AOT_theorem "betaC:2:a":
4275  μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn} 
4276   μ1...μn φ{μ1...μn}]κ1...κn
4277proof -
4278  AOT_modally_strict {
4279    AOT_assume 1: μ1...μn φ{μ1...μn}]
4280           and 2: κ1...κn
4281           and 3: φ{κ1...κn}
4282    AOT_hence μ1...μn φ{μ1...μn}]κ1...κn
4283      using "beta-C-cor:2"[THEN "→E", OF 1, THEN "∀E"(1), THEN "≡E"(2)]
4284      by blast
4285  }
4286  AOT_thus μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn} 
4287            μ1...μn φ{μ1...μn}]κ1...κn
4288    by blast
4289qed
4290
4291AOT_theorem "betaC:2:b":
4292  μ1...μn φ{μ1...μn}], κ1...κn, ¬μ1...μn φ{μ1...μn}]κ1...κn 
4293   ¬φ{κ1...κn}
4294  using "betaC:2:a" "raa-cor:3" by blast
4295
4296lemmas "β←C" = "betaC:2:a" "betaC:2:b"
4297
4298AOT_theorem "eta-conversion-lemma1:1": Π  x1...xn [Π]x1...xn] = Π
4299  using "lambda-predicates:3"[axiom_inst] "∀I" "∀E"(1) "→I" by fast
4300
4301(* Note: generalized alphabetic variant of the last theorem *)
4302AOT_theorem "eta-conversion-lemma1:2": Π  ν1...νn [Π]ν1...νn] = Π
4303  using "eta-conversion-lemma1:1".
4304
4305text‹Note: not explicitly part of PLM.›
4306AOT_theorem id_sym:
4307  assumes τ = τ'
4308  shows τ' = τ
4309  using "rule=E"[where φ="λ τ' . «τ' = τ»", rotated 1, OF assms]
4310        "=I"(1)[OF "t=t-proper:1"[THEN "→E", OF assms]] by auto
4311declare id_sym[sym]
4312
4313text‹Note: not explicitly part of PLM.›
4314AOT_theorem id_trans:
4315  assumes τ = τ' and τ' = τ''
4316  shows τ = τ''
4317  using "rule=E" assms by blast
4318declare id_trans[trans]
4319
4320method "ηC" for Π :: <'a::{AOT_Term_id_2,AOT_κs}> =
4321  (match conclusion in "[v  τ{Π} = τ'{Π}]" for v τ τ'  4322   rule "rule=E"[rotated 1, OF "eta-conversion-lemma1:2"
4323    [THEN "→E", of v "«[Π]»", symmetric]])
4324(*
4325AOT_theorem ‹[λy [λz [P]z]y → [λu [S]u]y] = [λy [P]y → [S]y]›
4326  apply ("ηC" "«[P]»") defer
4327   apply ("ηC" "«[S]»") defer
4328  oops
4329*)
4330(* TODO: proper representation of eta_conversion_lemma2 *)
4331
4332AOT_theorem "sub-des-lam:1":
4333  z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x} 
4334   z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
4335proof(rule "→I")
4336  AOT_assume A: z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}
4337  AOT_show z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
4338    using "rule=E"[where φ="λ τ . «z1...zn χ{z1...zn, ιx φ{x}}] =
4339                                   z1...zn χ{z1...zn, τ}]»",
4340               OF "=I"(1)[OF A[THEN "&E"(1)]], OF A[THEN "&E"(2)]]
4341    by blast
4342qed
4343
4344AOT_theorem "sub-des-lam:2":
4345  ιx φ{x} = ιx ψ{x}  χ{ιx φ{x}} = χ{ιx ψ{x}} for χ :: ‹κ  𝗈›
4346  using "rule=E"[where φ="λ τ . «χ{ιx φ{x}} = χ{τ}»",
4347                 OF "=I"(1)[OF "log-prop-prop:2"]] "→I" by blast
4348
4349AOT_theorem "prop-equiv": F = G  x (x[F]  x[G])
4350proof(rule "≡I"; rule "→I")
4351  AOT_assume F = G
4352  AOT_thus x (x[F]  x[G])
4353    by (rule "rule=E"[rotated]) (fact "oth-class-taut:3:a"[THEN GEN])
4354next
4355  AOT_assume x (x[F]  x[G])
4356  AOT_hence x[F]  x[G] for x
4357    using "∀E" by blast
4358  AOT_hence (x[F]  x[G]) for x
4359    using "en-eq:6[1]"[THEN "≡E"(1)] by blast
4360  AOT_hence x (x[F]  x[G])
4361    by (rule GEN)
4362  AOT_hence x (x[F]  x[G])
4363    using BF[THEN "→E"] by fast
4364  AOT_thus "F = G"
4365    using "p-identity-thm2:1"[THEN "≡E"(2)] by blast
4366qed
4367
4368AOT_theorem "relations:1":
4369  assumes INSTANCE_OF_CQT_2(φ)
4370  shows F x1...∀xn ([F]x1...xn  φ{x1...xn})
4371  apply (rule "∃I"(1)[where τ="«x1...xn φ{x1...xn}]»"])
4372  using "cqt:2[lambda]"[OF assms, axiom_inst]
4373        "beta-C-cor:2"[THEN "→E", THEN RN] by blast+
4374
4375AOT_theorem "relations:2":
4376  assumes INSTANCE_OF_CQT_2(φ)
4377  shows F x ([F]x  φ{x})
4378  using "relations:1" assms by blast
4379
4380AOT_theorem "block-paradox:1": ¬x G (x[G] & ¬[G]x)]
4381proof(rule "raa-cor:2")
4382  let ?K="«x G (x[G] & ¬[G]x)]»"
4383  AOT_assume A: «?K»
4384  AOT_have x (A!x & F (x[F]  F = «?K»))
4385    using "A-objects"[axiom_inst] by fast
4386  then AOT_obtain a where ξ: A!a & F (a[F]  F = «?K»)
4387    using "∃E"[rotated] by blast
4388  AOT_show p & ¬p for p
4389  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4390    AOT_assume B: [«?K»]a
4391    AOT_hence G (a[G] & ¬[G]a)
4392      using "β→C" A by blast
4393    then AOT_obtain P where a[P] & ¬[P]a
4394      using "∃E"[rotated] by blast
4395    moreover AOT_have P = [«?K»]
4396      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)]
4397            calculation[THEN "&E"(1)] by blast
4398    ultimately AOT_have ¬[«?K»]a
4399      using "rule=E" "&E"(2) by fast
4400    AOT_thus p & ¬p
4401      using B RAA by blast
4402  next
4403    AOT_assume B: ¬[«?K»]a
4404    AOT_hence ¬G (a[G] & ¬[G]a)
4405      using "β←C" "cqt:2[const_var]"[of a, axiom_inst] A by blast
4406    AOT_hence C: G ¬(a[G] & ¬[G]a)
4407      using "cqt-further:4"[THEN "→E"] by blast
4408    AOT_have G (a[G]  [G]a)
4409      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
4410         (auto simp: "oth-class-taut:1:a" C)
4411    AOT_hence a[«?K»]  [«?K»]a
4412      using "∀E" A by blast
4413    moreover AOT_have a[«?K»]
4414      using ξ[THEN "&E"(2), THEN "∀E"(1), OF A, THEN "≡E"(2)]
4415      using "=I"(1)[OF A] by blast
4416    ultimately AOT_show p & ¬p
4417      using B "→E" RAA by blast
4418  qed
4419qed
4420
4421AOT_theorem "block-paradox:2": ¬F x([F]x  G(x[G] & ¬[G]x))
4422proof(rule RAA(2))
4423  AOT_assume F x ([F]x  G (x[G] & ¬[G]x))
4424  then AOT_obtain F where F_prop: x ([F]x  G (x[G] & ¬[G]x))
4425    using "∃E"[rotated] by blast
4426  AOT_have x (A!x & G (x[G]  G = F))
4427    using "A-objects"[axiom_inst] by fast
4428  then AOT_obtain a where ξ: A!a & G (a[G]  G = F)
4429    using "∃E"[rotated] by blast
4430  AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
4431  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4432    AOT_assume B: [F]a
4433    AOT_hence G (a[G] & ¬[G]a)
4434      using F_prop[THEN "∀E"(2), THEN "≡E"(1)] by blast
4435    then AOT_obtain P where a[P] & ¬[P]a
4436      using "∃E"[rotated] by blast
4437    moreover AOT_have P = F
4438      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)]
4439            calculation[THEN "&E"(1)] by blast
4440    ultimately AOT_have ¬[F]a
4441      using "rule=E" "&E"(2) by fast
4442    AOT_thus ¬F x([F]x  G(x[G] & ¬[G]x))
4443      using B RAA by blast
4444  next
4445    AOT_assume B: ¬[F]a
4446    AOT_hence ¬G (a[G] & ¬[G]a)
4447      using "oth-class-taut:4:b"[THEN "≡E"(1),
4448              OF F_prop[THEN "∀E"(2)[of _ _ a]], THEN "≡E"(1)]
4449      by simp
4450    AOT_hence C: G ¬(a[G] & ¬[G]a)
4451      using "cqt-further:4"[THEN "→E"] by blast
4452    AOT_have G (a[G]  [G]a)
4453      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
4454         (auto simp: "oth-class-taut:1:a" C)
4455    AOT_hence a[F]  [F]a
4456      using "∀E" by blast
4457    moreover AOT_have a[F]
4458      using ξ[THEN "&E"(2), THEN "∀E"(2), of F, THEN "≡E"(2)]
4459      using "=I"(2) by blast
4460    ultimately AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
4461      using B "→E" RAA by blast
4462  qed
4463qed(simp)
4464
4465AOT_theorem "block-paradox:3": ¬y z z = y]
4466proof(rule RAA(2))
4467  AOT_assume θ: y z z = y]
4468  AOT_have x (A!x & F (x[F]  y(F = z z = y] & ¬y[F])))
4469    using "A-objects"[axiom_inst] by force
4470  then AOT_obtain a where
4471    a_prop: A!a & F (a[F]  y (F = z z = y] & ¬y[F]))
4472    using "∃E"[rotated] by blast
4473  AOT_have ζ: az z = a]  y (z z = a] = z z = y] & ¬yz z = a])
4474    using θ[THEN "∀E"(2)] a_prop[THEN "&E"(2), THEN "∀E"(1)] by blast
4475  AOT_show ¬y z z = y]
4476  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4477    AOT_assume A: az z = a]
4478    AOT_hence y (z z = a] = z z = y] & ¬yz z = a])
4479      using ζ[THEN "≡E"(1)] by blast
4480    then AOT_obtain b where b_prop: z z = a] = z z = b] & ¬bz z = a]
4481      using "∃E"[rotated] by blast
4482    moreover AOT_have a = a by (rule "=I")
4483    moreover AOT_have z z = a] using θ "∀E" by blast
4484    moreover AOT_have a using "cqt:2[const_var]"[axiom_inst] .
4485    ultimately AOT_have z z = a]a using "β←C" by blast
4486    AOT_hence z z = b]a using "rule=E" b_prop[THEN "&E"(1)] by fast
4487    AOT_hence a = b using "β→C" by blast
4488    AOT_hence bz z = a] using A "rule=E" by fast
4489    AOT_thus ¬y z z = y] using b_prop[THEN "&E"(2)] RAA by blast
4490  next
4491    AOT_assume A: ¬az z = a]
4492    AOT_hence ¬y (z z = a] = z z = y] & ¬yz z = a])
4493      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
4494    AOT_hence y ¬(z z = a] = z z = y] & ¬yz z = a])
4495      using "cqt-further:4"[THEN "→E"] by blast
4496    AOT_hence ¬(z z = a] = z z = a] & ¬az z = a])
4497      using "∀E" by blast
4498    AOT_hence z z = a] = z z = a]  az z = a]
4499      by (metis "&I" "deduction-theorem" "raa-cor:4")
4500    AOT_hence az z = a] using "=I"(1) θ[THEN "∀E"(2)] "→E" by blast
4501    AOT_thus ¬y z z = y] using A RAA by blast
4502  qed
4503qed(simp)
4504
4505AOT_theorem "block-paradox:4": ¬y F x([F]x  x = y)
4506proof(rule RAA(2))
4507  AOT_assume θ: y F x([F]x  x = y)
4508  AOT_have x (A!x & F (x[F]  z (y([F]y  y = z) & ¬z[F])))
4509    using "A-objects"[axiom_inst] by force
4510  then AOT_obtain a where
4511    a_prop: A!a & F (a[F]  z (y([F]y  y = z) & ¬z[F]))
4512    using "∃E"[rotated] by blast
4513  AOT_obtain F where F_prop: x ([F]x  x = a)
4514    using θ[THEN "∀E"(2)] "∃E"[rotated] by blast
4515  AOT_have ζ: a[F]  z (y ([F]y  y = z) & ¬z[F])
4516    using a_prop[THEN "&E"(2), THEN "∀E"(2)] by blast
4517  AOT_show ¬y F x([F]x  x = y)
4518  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4519    AOT_assume A: a[F]
4520    AOT_hence z (y ([F]y  y = z) & ¬z[F])
4521      using ζ[THEN "≡E"(1)] by blast
4522    then AOT_obtain b where b_prop: y ([F]y  y = b) & ¬b[F]
4523      using "∃E"[rotated] by blast
4524    moreover AOT_have [F]a
4525      using F_prop[THEN "∀E"(2), THEN "≡E"(2)] "=I"(2) by blast
4526    ultimately AOT_have a = b
4527      using "∀E"(2) "≡E"(1) "&E" by fast
4528    AOT_hence a = b
4529      using "β→C" by blast
4530    AOT_hence b[F]
4531      using A "rule=E" by fast
4532    AOT_thus ¬y F x([F]x  x = y)
4533      using b_prop[THEN "&E"(2)] RAA by blast
4534  next
4535    AOT_assume A: ¬a[F]
4536    AOT_hence ¬z (y ([F]y  y = z) & ¬z[F])
4537      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
4538    AOT_hence z ¬(y ([F]y  y = z) & ¬z[F])
4539      using "cqt-further:4"[THEN "→E"] by blast
4540    AOT_hence ¬(y ([F]y  y = a) & ¬a[F])
4541      using "∀E" by blast
4542    AOT_hence y ([F]y  y = a)  a[F]
4543      by (metis "&I" "deduction-theorem" "raa-cor:4")
4544    AOT_hence a[F] using F_prop "→E" by blast
4545    AOT_thus ¬y F x([F]x  x = y)
4546      using A RAA by blast
4547  qed
4548qed(simp)
4549
4550AOT_theorem "block-paradox:5": ¬Fxy([F]xy  y = x)
4551proof(rule "raa-cor:2")
4552  AOT_assume Fxy([F]xy  y = x)
4553  then AOT_obtain F where F_prop: xy([F]xy  y = x)
4554    using "∃E"[rotated] by blast
4555  {
4556    fix x
4557    AOT_have 1: y([F]xy  y = x)
4558      using F_prop "∀E" by blast
4559    AOT_have 2: z [F]xz] by "cqt:2"
4560    moreover AOT_have y(z [F]xz]y  y = x)
4561    proof(rule "∀I")
4562      fix y
4563      AOT_have z [F]xz]y  [F]xy
4564        using "beta-C-meta"[THEN "→E"] 2 by fast
4565      also AOT_have ...  y = x
4566        using 1 "∀E" by fast
4567      finally AOT_show z [F]xz]y  y = x.
4568    qed
4569    ultimately AOT_have Fy([F]y  y = x)
4570      using "∃I" by fast
4571  }
4572  AOT_hence xFy([F]y  y = x)
4573    by (rule GEN)
4574  AOT_thus xFy([F]y  y = x) & ¬xFy([F]y  y = x)
4575    using "&I" "block-paradox:4" by blast
4576qed
4577
4578AOT_act_theorem "block-paradox2:1":
4579  x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4580proof(rule "→I"; rule "raa-cor:2")
4581  AOT_assume antecedant: x [G]x
4582  AOT_have Lemma: x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
4583  proof(rule GEN)
4584    fix x
4585    AOT_have A: [G]ιy (y = x & H (x[H] & ¬[H]x)) 
4586                 ∃!y (y = x & H (x[H] & ¬[H]x))
4587    proof(rule "≡I"; rule "→I")
4588      AOT_assume [G]ιy (y = x & H (x[H] & ¬[H]x))
4589      AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
4590        using "cqt:5:a"[axiom_inst, THEN "→E", THEN "&E"(2)] by blast
4591      AOT_thus ∃!y (y = x & H (x[H] & ¬[H]x))
4592        using "!-exists:1"[THEN "≡E"(1)] by blast
4593    next
4594      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
4595      AOT_obtain a where a_1: a = x & H (x[H] & ¬[H]x)
4596                     and a_2: z (z = x & H (x[H] & ¬[H]x)  z = a)
4597        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4598      AOT_have a_3: [G]a
4599        using antecedant "∀E" by blast
4600      AOT_show [G]ιy (y = x & H (x[H] & ¬[H]x))
4601        apply (rule "russell-axiom[exe,1].russell-axiom"[THEN "≡E"(2)])
4602        apply (rule "∃I"(2))
4603        using a_1 a_2 a_3 "&I" by blast
4604    qed
4605    also AOT_have B: ...  H (x[H] & ¬[H]x)
4606    proof (rule "≡I"; rule "→I")
4607      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
4608      AOT_obtain a where a = x & H (x[H] & ¬[H]x)
4609        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4610      AOT_thus H (x[H] & ¬[H]x) using "&E" by blast
4611    next
4612      AOT_assume H (x[H] & ¬[H]x)
4613      AOT_hence x = x & H (x[H] & ¬[H]x)
4614        using "id-eq:1" "&I" by blast
4615      moreover AOT_have z (z = x & H (x[H] & ¬[H]x)  z = x)
4616        by (simp add: "Conjunction Simplification"(1) "universal-cor")
4617      ultimately AOT_show ∃!y (y = x & H (x[H] & ¬[H]x))
4618        using "uniqueness:1"[THEN "≡dfI"] "&I" "∃I"(2) by fast
4619    qed
4620    finally AOT_show ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)) .
4621  qed
4622
4623  AOT_assume A: x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4624  AOT_have θ: x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x 
4625                   [G]ιy(y = x & H (x[H] & ¬[H]x)))
4626    using "beta-C-meta"[THEN "→E", OF A] "∀I" by fast
4627  AOT_have x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  H (x[H] & ¬[H]x))
4628    using θ Lemma "cqt-basic:10"[THEN "→E"] "&I" by fast
4629  AOT_hence F x ([F]x  H (x[H] & ¬[H]x))
4630    using "∃I"(1) A by fast
4631  AOT_thus (F x ([F]x  H (x[H] & ¬[H]x))) &
4632            (¬F x ([F]x  H (x[H] & ¬[H]x)))
4633    using "block-paradox:2" "&I" by blast
4634qed
4635
4636text‹Note: Strengthens the above to a modally-strict theorem.
4637           Not explicitly part of PLM.›
4638AOT_theorem "block-paradox2:1[strict]":
4639  x 𝒜[G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4640proof(rule "→I"; rule "raa-cor:2")
4641  AOT_assume antecedant: x 𝒜[G]x
4642  AOT_have Lemma: 𝒜x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
4643  proof(safe intro!: GEN "Act-Basic:5"[THEN "≡E"(2)]
4644                     "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)])
4645    fix x
4646    AOT_have A: 𝒜[G]ιy (y = x & H (x[H] & ¬[H]x)) 
4647                 ∃!y 𝒜(y = x & H (x[H] & ¬[H]x))
4648    proof(rule "≡I"; rule "→I")
4649      AOT_assume 𝒜[G]ιy (y = x & H (x[H] & ¬[H]x))
4650      moreover AOT_have ([G]ιy (y = x & H (x[H] & ¬[H]x)) 
4651                                  ιy (y = x & H (x[H] & ¬[H]x)))
4652      proof(rule RN; rule "→I")
4653        AOT_modally_strict {
4654          AOT_assume [G]ιy (y = x & H (x[H] & ¬[H]x))
4655          AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
4656            using "cqt:5:a"[axiom_inst, THEN "→E", THEN "&E"(2)] by blast
4657          AOT_thus ιy (y = x & H (x[H] & ¬[H]x))
4658            using "exist-nec"[THEN "→E"] by blast
4659        }
4660      qed
4661      ultimately AOT_have 𝒜ιy (y = x & H (x[H] & ¬[H]x))
4662        using "act-cond"[THEN "→E", THEN "→E"] "nec-imp-act"[THEN "→E"] by blast
4663      AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
4664        using "Act-Sub:3" "B◇" "vdash-properties:10" by blast
4665      AOT_thus ∃!y 𝒜(y = x & H (x[H] & ¬[H]x))
4666        using "actual-desc:1"[THEN "≡E"(1)] by blast
4667    next
4668      AOT_assume A: ∃!y 𝒜(y = x & H (x[H] & ¬[H]x))
4669      AOT_obtain a where a_1: 𝒜(a = x & H (x[H] & ¬[H]x))
4670                     and a_2: z (𝒜(z = x & H (x[H] & ¬[H]x))  z = a)
4671        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4672      AOT_have a_3: 𝒜[G]a
4673        using antecedant "∀E" by blast
4674      moreover AOT_have a = ιy(y = x & H (x[H] & ¬[H]x))
4675        using "nec-hintikka-scheme"[THEN "≡E"(2), OF "&I"] a_1 a_2 by auto
4676      ultimately AOT_show 𝒜[G]ιy (y = x & H (x[H] & ¬[H]x))
4677        using "rule=E" by fast
4678    qed
4679    also AOT_have B: ...  𝒜H (x[H] & ¬[H]x)
4680    proof (rule "≡I"; rule "→I")
4681      AOT_assume A: ∃!y 𝒜(y = x & H (x[H] & ¬[H]x))
4682      AOT_obtain a where 𝒜(a = x & H (x[H] & ¬[H]x))
4683        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4684      AOT_thus 𝒜H (x[H] & ¬[H]x)
4685        using "Act-Basic:2"[THEN "≡E"(1), THEN "&E"(2)] by blast
4686    next
4687      AOT_assume 𝒜H (x[H] & ¬[H]x)
4688      AOT_hence 𝒜x = x & 𝒜H (x[H] & ¬[H]x)
4689        using "id-eq:1" "&I" "RA[2]" by blast
4690      AOT_hence 𝒜(x = x & H (x[H] & ¬[H]x))
4691        using "act-conj-act:3" "Act-Basic:2" "≡E" by blast
4692      moreover AOT_have z (𝒜(z = x & H (x[H] & ¬[H]x))  z = x)
4693      proof(safe intro!: GEN "→I")
4694        fix z
4695        AOT_assume 𝒜(z = x & H (x[H] & ¬[H]x))
4696        AOT_hence 𝒜(z = x)
4697          using "Act-Basic:2"[THEN "≡E"(1), THEN "&E"(1)] by blast
4698        AOT_thus z = x
4699           by (metis "id-act:1" "intro-elim:3:b")
4700      qed
4701      ultimately AOT_show ∃!y 𝒜(y = x & H (x[H] & ¬[H]x))
4702        using "uniqueness:1"[THEN "≡dfI"] "&I" "∃I"(2) by fast
4703    qed
4704    finally AOT_show (𝒜[G]ιy(y = x & H (x[H] & ¬[H]x))  𝒜H (x[H] & ¬[H]x)).
4705  qed
4706
4707  AOT_assume A: x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4708  AOT_hence 𝒜x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4709    using "exist-nec" "→E" "nec-imp-act"[THEN "→E"] by blast
4710  AOT_hence 𝒜(x [G]ιy (y = x & H (x[H] & ¬[H]x))] &
4711                x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)))
4712    using Lemma "Act-Basic:2"[THEN "≡E"(2)] "&I" by blast
4713  moreover AOT_have 𝒜(x [G]ιy (y = x & H (x[H] & ¬[H]x))] &
4714                x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)))
4715       𝒜p (p & ¬p)
4716  proof (rule "logic-actual-nec:2"[axiom_inst, THEN "≡E"(1)];
4717         rule "RA[2]"; rule "→I")
4718    AOT_modally_strict {
4719      AOT_assume 0: x [G]ιy (y = x & H (x[H] & ¬[H]x))] &
4720                x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
4721      AOT_have F x ([F]x  G (x[G] & ¬[G]x))
4722      proof(rule "∃I"(1))
4723        AOT_show x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  H (x[H] & ¬[H]x))
4724        proof(safe intro!: GEN "≡I" "→I" "β←C" dest!: "β→C")
4725          fix x
4726          AOT_assume [G]ιy(y = x & H (x[H] & ¬[H]x))
4727          AOT_thus H (x[H] & ¬[H]x)
4728            using 0 "&E" "∀E"(2) "≡E"(1) by blast
4729        next
4730          fix x
4731          AOT_assume H (x[H] & ¬[H]x)
4732          AOT_thus [G]ιy(y = x & H (x[H] & ¬[H]x))
4733            using 0 "&E" "∀E"(2) "≡E"(2) by blast
4734        qed(auto intro!: 0[THEN "&E"(1)] "cqt:2")
4735      next
4736        AOT_show x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4737          using 0 "&E"(1) by blast
4738      qed
4739      AOT_thus p (p & ¬p)
4740        using "block-paradox:2" "reductio-aa:1" by blast
4741    }
4742  qed
4743  ultimately AOT_have 𝒜p (p & ¬p)
4744    using "→E" by blast
4745  AOT_hence p 𝒜(p & ¬p)
4746    by (metis "Act-Basic:10" "intro-elim:3:a")
4747  then AOT_obtain p where 𝒜(p & ¬p)
4748    using "∃E"[rotated] by blast
4749  moreover AOT_have ¬𝒜(p & ¬p)
4750    using "non-contradiction"[THEN "RA[2]"]
4751    by (meson "Act-Sub:1" "¬¬I" "intro-elim:3:d")
4752  ultimately AOT_show p & ¬p for p
4753    by (metis "raa-cor:3")
4754qed
4755
4756AOT_act_theorem "block-paradox2:2":
4757  G ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4758proof(rule "∃I"(1))
4759  AOT_have 0: x p (p p)]
4760    by "cqt:2[lambda]"
4761  moreover AOT_have x x p (p p)]x
4762    apply (rule GEN)
4763    apply (rule "beta-C-cor:2"[THEN "→E", OF 0, THEN "∀E"(2), THEN "≡E"(2)])
4764    using "if-p-then-p" GEN by fast
4765  moreover AOT_have G (x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))])
4766      using "block-paradox2:1" "∀I" by fast
4767  ultimately AOT_show ¬x x p (p p)]ιy (y = x & H (x[H] & ¬[H]x))]
4768    using "∀E"(1) "→E" by blast
4769qed("cqt:2[lambda]")
4770
4771AOT_theorem propositions: p (p  φ)
4772proof(rule "∃I"(1))
4773  AOT_show (φ  φ)
4774    by (simp add: RN "oth-class-taut:3:a")
4775next
4776  AOT_show φ
4777    by (simp add: "log-prop-prop:2")
4778qed
4779
4780AOT_theorem "pos-not-equiv-ne:1":
4781  (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
4782proof (rule "→I")
4783  AOT_assume ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
4784  AOT_hence ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
4785    using "KBasic:11"[THEN "≡E"(2)] by blast
4786  AOT_hence ¬(F = G)
4787    using "id-rel-nec-equiv:1" "modus-tollens:1" by blast
4788  AOT_thus F  G
4789    using "=-infix"[THEN "≡dfI"] by blast
4790qed
4791
4792AOT_theorem "pos-not-equiv-ne:2": (¬(φ{F}  φ{G}))  F  G
4793proof (rule "→I")
4794  AOT_modally_strict {
4795    AOT_have ¬(φ{F}  φ{G})  ¬(F = G)
4796    proof (rule "→I"; rule "raa-cor:2")
4797      AOT_assume 1: F = G
4798      AOT_hence φ{F}  φ{G}
4799        using "l-identity"[axiom_inst, THEN "→E"] by blast
4800      moreover {
4801        AOT_have G = F
4802          using 1 id_sym by blast
4803        AOT_hence φ{G}  φ{F}
4804          using "l-identity"[axiom_inst, THEN "→E"] by blast
4805      }
4806      ultimately AOT_have φ{F}  φ{G}
4807        using "≡I" by blast
4808      moreover AOT_assume ¬(φ{F}  φ{G})
4809      ultimately AOT_show (φ{F}  φ{G}) & ¬(φ{F}  φ{G})
4810        using "&I" by blast
4811    qed
4812  }
4813  AOT_hence ¬(φ{F}  φ{G})  ¬(F = G)
4814    using "RM:2[prem]" by blast
4815  moreover AOT_assume ¬(φ{F}  φ{G})
4816  ultimately AOT_have 0: ¬(F = G) using "→E" by blast
4817  AOT_have (F  G)
4818    by (AOT_subst F  G ¬(F = G))
4819       (auto simp: "=-infix" "≡Df" 0)
4820  AOT_thus F  G
4821    using "id-nec2:3"[THEN "→E"] by blast
4822qed
4823
4824AOT_theorem "pos-not-equiv-ne:2[zero]": (¬(φ{p}  φ{q}))  p  q
4825proof (rule "→I")
4826  AOT_modally_strict {
4827    AOT_have ¬(φ{p}  φ{q})  ¬(p = q)
4828    proof (rule "→I"; rule "raa-cor:2")
4829      AOT_assume 1: p = q
4830      AOT_hence φ{p}  φ{q}
4831        using "l-identity"[axiom_inst, THEN "→E"] by blast
4832      moreover {
4833        AOT_have q = p
4834          using 1 id_sym by blast
4835        AOT_hence φ{q}  φ{p}
4836          using "l-identity"[axiom_inst, THEN "→E"] by blast
4837      }
4838      ultimately AOT_have φ{p}  φ{q}
4839        using "≡I" by blast
4840      moreover AOT_assume ¬(φ{p}  φ{q})
4841      ultimately AOT_show (φ{p}  φ{q}) & ¬(φ{p}  φ{q})
4842        using "&I" by blast
4843    qed
4844  }
4845  AOT_hence ¬(φ{p}  φ{q})  ¬(p = q)
4846    using "RM:2[prem]" by blast
4847  moreover AOT_assume ¬(φ{p}  φ{q})
4848  ultimately AOT_have 0: ¬(p = q) using "→E" by blast
4849  AOT_have (p  q)
4850    by (AOT_subst p  q ¬(p = q))
4851       (auto simp: 0 "=-infix" "≡Df")
4852  AOT_thus p  q
4853    using "id-nec2:3"[THEN "→E"] by blast
4854qed
4855
4856AOT_theorem "pos-not-equiv-ne:3":
4857  (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
4858  using "→I" "pos-not-equiv-ne:1"[THEN "→E"] "T◇"[THEN "→E"] by blast
4859
4860AOT_theorem "pos-not-equiv-ne:4": (¬(φ{F}  φ{G}))  F  G
4861  using "→I" "pos-not-equiv-ne:2"[THEN "→E"] "T◇"[THEN "→E"] by blast
4862
4863AOT_theorem "pos-not-equiv-ne:4[zero]": (¬(φ{p}  φ{q}))  p  q
4864  using "→I" "pos-not-equiv-ne:2[zero]"[THEN "→E"]
4865        "T◇"[THEN "→E"] by blast
4866
4867AOT_define relation_negation ::  Π" ("_-")
4868  "df-relation-negation": "[F]- =df x1...xn ¬[F]x1...xn]"
4869
4870nonterminal φneg
4871syntax "" :: "φneg  τ" ("_")
4872syntax "" :: "φneg  φ" ("'(_')")
4873
4874AOT_define relation_negation_0 :: ‹φ  φneg› ("'(_')-")
4875  "df-relation-negation[zero]": "(p)- =df  ¬p]"
4876
4877AOT_theorem "rel-neg-T:1": x1...xn ¬[Π]x1...xn]
4878  by "cqt:2[lambda]"
4879
4880AOT_theorem "rel-neg-T:1[zero]":  ¬φ]
4881  using "cqt:2[lambda0]"[axiom_inst] by blast
4882
4883AOT_theorem "rel-neg-T:2": [Π]- = x1...xn ¬[Π]x1...xn]
4884  using "=I"(1)[OF "rel-neg-T:1"]
4885  by (rule "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"])
4886
4887AOT_theorem "rel-neg-T:2[zero]": (φ)- =  ¬φ]
4888  using "=I"(1)[OF "rel-neg-T:1[zero]"]
4889  by (rule "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"])
4890
4891AOT_theorem "rel-neg-T:3": [Π]-
4892  using "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"]
4893        "rel-neg-T:1" by blast
4894
4895AOT_theorem "rel-neg-T:3[zero]": (φ)-
4896  using "log-prop-prop:2" by blast
4897
4898(* Note: PLM states the zero place case twice *)
4899AOT_theorem "thm-relation-negation:1": [F]-x1...xn  ¬[F]x1...xn
4900proof -
4901  AOT_have [F]-x1...xn  x1...xn ¬[F]x1...xn]x1...xn
4902    using "rule=E"[rotated, OF "rel-neg-T:2"]
4903          "rule=E"[rotated, OF "rel-neg-T:2"[THEN id_sym]]
4904          "→I" "≡I" by fast
4905  also AOT_have ...  ¬[F]x1...xn
4906    using "beta-C-meta"[THEN "→E", OF "rel-neg-T:1"] by fast
4907  finally show ?thesis.
4908qed
4909
4910AOT_theorem "thm-relation-negation:2": ¬[F]-x1...xn  [F]x1...xn
4911  apply (AOT_subst [F]x1...xn ¬¬[F]x1...xn)
4912   apply (simp add: "oth-class-taut:3:b")
4913  apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4914  using "thm-relation-negation:1".
4915
4916AOT_theorem "thm-relation-negation:3": ((p)-)  ¬p
4917proof -
4918  AOT_have (p)- =  ¬p] using "rel-neg-T:2[zero]" by blast
4919  AOT_hence ((p)-)   ¬p]
4920    using "df-relation-negation[zero]" "log-prop-prop:2"
4921          "oth-class-taut:3:a" "rule-id-df:2:a" by blast
4922  also AOT_have  ¬p]  ¬p
4923    by (simp add: "propositions-lemma:2")
4924  finally show ?thesis.
4925qed
4926
4927AOT_theorem "thm-relation-negation:4": (¬((p)-))  p
4928  using "thm-relation-negation:3"[THEN "≡E"(1)]
4929        "thm-relation-negation:3"[THEN "≡E"(2)]
4930        "≡I" "→I" RAA by metis
4931
4932AOT_theorem "thm-relation-negation:5": [F]  [F]-
4933proof -
4934  AOT_have ¬([F] = [F]-)
4935  proof (rule RAA(2))
4936    AOT_show [F]x1...xn  [F]x1...xn for x1xn
4937      using "if-p-then-p".
4938  next
4939    AOT_assume [F] = [F]-
4940    AOT_hence [F]- = [F] using id_sym by blast
4941    AOT_hence [F]x1...xn  ¬[F]x1...xn for x1xn
4942      using "rule=E" "thm-relation-negation:1" by fast
4943    AOT_thus ¬([F]x1...xn  [F]x1...xn) for x1xn
4944      using "≡E" RAA by metis
4945  qed
4946  thus ?thesis
4947    using "≡dfI" "=-infix" by blast
4948qed
4949
4950AOT_theorem "thm-relation-negation:6": p  (p)-
4951proof -
4952  AOT_have ¬(p = (p)-)
4953  proof (rule RAA(2))
4954    AOT_show p  p
4955      using "if-p-then-p".
4956  next
4957    AOT_assume p = (p)-
4958    AOT_hence (p)- = p using id_sym by blast
4959    AOT_hence p  ¬p
4960      using "rule=E" "thm-relation-negation:3" by fast
4961    AOT_thus ¬(p  p)
4962      using "≡E" RAA by metis
4963  qed
4964  thus ?thesis
4965    using "≡dfI" "=-infix" by blast
4966qed
4967
4968AOT_theorem "thm-relation-negation:7": (p)- = (¬p)
4969  apply (rule "df-relation-negation[zero]"[THEN "=dfE"(1)])
4970  using "cqt:2[lambda0]"[axiom_inst] "rel-neg-T:2[zero]"
4971        "propositions-lemma:1" id_trans by blast+
4972
4973AOT_theorem "thm-relation-negation:8": p = q  (¬p) = (¬q)
4974proof(rule "→I")
4975  AOT_assume p = q
4976  moreover AOT_have (¬p) using "log-prop-prop:2".
4977  moreover AOT_have (¬p) = (¬p) using calculation(2) "=I" by blast
4978  ultimately AOT_show (¬p) = (¬q)
4979    using "rule=E" by fast
4980qed
4981
4982AOT_theorem "thm-relation-negation:9": p = q  (p)- = (q)-
4983proof(rule "→I")
4984  AOT_assume p = q
4985  AOT_hence (¬p) = (¬q) using "thm-relation-negation:8" "→E" by blast
4986  AOT_thus (p)- = (q)-
4987    using "thm-relation-negation:7" id_sym id_trans by metis
4988qed
4989
4990AOT_define Necessary :: ‹Π  φ› ("Necessary'(_')")
4991  "contingent-properties:1":
4992  Necessary([F]) df x1...∀xn [F]x1...xn
4993
4994AOT_define Necessary0 :: ‹φ  φ› ("Necessary0'(_')")
4995  "contingent-properties:1[zero]":
4996  Necessary0(p) df p
4997
4998AOT_define Impossible :: ‹Π  φ› ("Impossible'(_')")
4999  "contingent-properties:2":
5000  Impossible([F]) df F & x1...∀xn ¬[F]x1...xn
5001
5002AOT_define Impossible0 :: ‹φ  φ› ("Impossible0'(_')")
5003  "contingent-properties:2[zero]":
5004  Impossible0(p) df ¬p
5005
5006AOT_define NonContingent :: ‹Π  φ› ("NonContingent'(_')")
5007  "contingent-properties:3":
5008  NonContingent([F]) df Necessary([F])  Impossible([F])
5009
5010AOT_define NonContingent0 :: ‹φ  φ› ("NonContingent0'(_')")
5011  "contingent-properties:3[zero]":
5012  NonContingent0(p) df Necessary0(p)  Impossible0(p)
5013
5014AOT_define Contingent :: ‹Π  φ› ("Contingent'(_')")
5015  "contingent-properties:4":
5016  Contingent([F]) df F & ¬(Necessary([F])  Impossible([F]))
5017
5018AOT_define Contingent0 :: ‹φ  φ› ("Contingent0'(_')")
5019  "contingent-properties:4[zero]":
5020  Contingent0(p) df ¬(Necessary0(p)  Impossible0(p))
5021
5022
5023AOT_theorem "thm-cont-prop:1": NonContingent([F])  NonContingent([F]-)
5024proof (rule "≡I"; rule "→I")
5025  AOT_assume NonContingent([F])
5026  AOT_hence Necessary([F])  Impossible([F])
5027    using "≡dfE"[OF "contingent-properties:3"] by blast
5028  moreover {
5029    AOT_assume Necessary([F])
5030    AOT_hence (x1...∀xn [F]x1...xn)
5031      using "≡dfE"[OF "contingent-properties:1"] by blast
5032    moreover AOT_modally_strict {
5033      AOT_assume x1...∀xn [F]x1...xn
5034      AOT_hence [F]x1...xn for x1xn using "∀E" by blast
5035      AOT_hence ¬[F]-x1...xn for x1xn
5036        by (meson "≡E"(6) "oth-class-taut:3:a"
5037                  "thm-relation-negation:2" "≡E"(1))
5038      AOT_hence x1...∀xn ¬[F]-x1...xn using "∀I" by fast
5039    }
5040    ultimately AOT_have (x1...∀xn ¬[F]-x1...xn)
5041      using "RN[prem]"[where Γ="{«x1...∀xn [F]x1...xn»}", simplified] by blast
5042    AOT_hence Impossible([F]-)
5043      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
5044                  OF "rel-neg-T:3", THEN "≡E"(2)]
5045      by blast
5046  }
5047  moreover {
5048    AOT_assume Impossible([F])
5049    AOT_hence (x1...∀xn ¬[F]x1...xn)
5050      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
5051                  OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)]
5052      by blast
5053    moreover AOT_modally_strict {
5054      AOT_assume x1...∀xn ¬[F]x1...xn
5055      AOT_hence ¬[F]x1...xn for x1xn using "∀E" by blast
5056      AOT_hence [F]-x1...xn for x1xn
5057        by (meson "≡E"(6) "oth-class-taut:3:a"
5058                  "thm-relation-negation:1" "≡E"(1))
5059      AOT_hence x1...∀xn [F]-x1...xn using "∀I" by fast
5060    }
5061    ultimately AOT_have (x1...∀xn [F]-x1...xn)
5062      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]x1...xn»}"] by blast
5063    AOT_hence Necessary([F]-)
5064      using "≡dfI"[OF "contingent-properties:1"] by blast
5065  }
5066  ultimately AOT_have Necessary([F]-)  Impossible([F]-)
5067    using "∨E"(1) "∨I" "→I" by metis
5068  AOT_thus NonContingent([F]-)
5069    using "≡dfI"[OF "contingent-properties:3"] by blast
5070next
5071  AOT_assume NonContingent([F]-)
5072  AOT_hence Necessary([F]-)  Impossible([F]-)
5073    using "≡dfE"[OF "contingent-properties:3"] by blast
5074  moreover {
5075    AOT_assume Necessary([F]-)
5076    AOT_hence (x1...∀xn [F]-x1...xn)
5077      using "≡dfE"[OF "contingent-properties:1"] by blast
5078    moreover AOT_modally_strict {
5079      AOT_assume x1...∀xn [F]-x1...xn
5080      AOT_hence [F]-x1...xn for x1xn using "∀E" by blast
5081      AOT_hence ¬[F]x1...xn for x1xn
5082        by (meson "≡E"(6) "oth-class-taut:3:a"
5083                  "thm-relation-negation:1" "≡E"(2))
5084      AOT_hence x1...∀xn ¬[F]x1...xn using "∀I" by fast
5085    }
5086    ultimately AOT_have x1...∀xn ¬[F]x1...xn
5087      using "RN[prem]"[where Γ="{«x1...∀xn [F]-x1...xn»}"] by blast
5088    AOT_hence Impossible([F])
5089      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
5090                  OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(2)]
5091      by blast
5092  }
5093  moreover {
5094    AOT_assume Impossible([F]-)
5095    AOT_hence (x1...∀xn ¬[F]-x1...xn)
5096      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
5097                  OF "rel-neg-T:3", THEN "≡E"(1)]
5098      by blast
5099    moreover AOT_modally_strict {
5100      AOT_assume x1...∀xn ¬[F]-x1...xn
5101      AOT_hence ¬[F]-x1...xn for x1xn using "∀E" by blast
5102      AOT_hence [F]x1...xn for x1xn 
5103        using "thm-relation-negation:1"[THEN
5104                "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
5105              "useful-tautologies:1"[THEN "→E"] by blast
5106      AOT_hence x1...∀xn [F]x1...xn using "∀I" by fast
5107    }
5108    ultimately AOT_have (x1...∀xn [F]x1...xn)
5109      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]-x1...xn»}"] by blast
5110    AOT_hence Necessary([F])
5111      using "≡dfI"[OF "contingent-properties:1"] by blast
5112  }
5113  ultimately AOT_have Necessary([F])  Impossible([F])
5114    using "∨E"(1) "∨I" "→I" by metis
5115  AOT_thus NonContingent([F])
5116    using "≡dfI"[OF "contingent-properties:3"] by blast
5117qed
5118
5119AOT_theorem "thm-cont-prop:2": Contingent([F])  x [F]x & x ¬[F]x
5120proof -
5121  AOT_have Contingent([F])  ¬(Necessary([F])  Impossible([F]))
5122    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5123                                    OF "cqt:2[const_var]"[axiom_inst]]
5124    by blast
5125  also AOT_have ...  ¬Necessary([F]) & ¬Impossible([F])
5126    using "oth-class-taut:5:d" by fastforce
5127  also AOT_have ...  ¬Impossible([F]) & ¬Necessary([F])
5128    by (simp add: "Commutativity of &")
5129  also AOT_have ...  x [F]x & ¬Necessary([F])
5130  proof (rule "oth-class-taut:4:e"[THEN "→E"])
5131    AOT_have ¬Impossible([F])  ¬¬ x [F]x
5132      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
5133      apply (AOT_subst x [F]x ¬ x ¬[F]x)
5134       apply (simp add: "conventions:4" "≡Df")
5135      apply (AOT_subst (reverse) ¬¬x ¬[F]x x ¬[F]x)
5136       apply (simp add: "oth-class-taut:3:b")
5137      using "contingent-properties:2"[THEN "≡Df", THEN "≡S"(1),
5138                                      OF "cqt:2[const_var]"[axiom_inst]]
5139      by blast
5140    also AOT_have ...  x [F]x
5141      using "conventions:5"[THEN "≡Df", symmetric] by blast
5142    finally AOT_show ¬Impossible([F])  x [F]x .
5143  qed
5144  also AOT_have ...  x [F]x & x ¬[F]x
5145  proof (rule "oth-class-taut:4:f"[THEN "→E"])
5146    AOT_have ¬Necessary([F])  ¬¬x ¬[F]x
5147      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
5148      apply (AOT_subst x ¬[F]x ¬ x ¬¬[F]x)
5149       apply (simp add: "conventions:4" "≡Df")
5150      apply (AOT_subst (reverse) ¬¬[F]x [F]x for: x)
5151       apply (simp add: "oth-class-taut:3:b")
5152      apply (AOT_subst (reverse) ¬¬x [F]x x [F]x)
5153      by (auto simp: "oth-class-taut:3:b" "contingent-properties:1" "≡Df")
5154    also AOT_have ...  x ¬[F]x
5155      using "conventions:5"[THEN "≡Df", symmetric] by blast
5156    finally AOT_show ¬Necessary([F])  x ¬[F]x.
5157  qed
5158  finally show ?thesis.
5159qed
5160
5161AOT_theorem "thm-cont-prop:3":
5162  Contingent([F])  Contingent([F]-) for F::<κ> AOT_var›
5163proof -
5164  {
5165    fix Π :: <κ>
5166    AOT_assume Π
5167    moreover AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
5168      using "thm-cont-prop:2" GEN by fast
5169    ultimately  AOT_have Contingent([Π])  x [Π]x & x ¬[Π]x
5170      using "thm-cont-prop:2" "∀E" by fast
5171  } note 1 = this
5172  AOT_have Contingent([F])  x [F]x & x ¬[F]x
5173    using "thm-cont-prop:2" by blast
5174  also AOT_have ...  x ¬[F]x & x [F]x
5175    by (simp add: "Commutativity of &")
5176  also AOT_have ...  x [F]-x & x [F]x
5177    by (AOT_subst [F]-x ¬[F]x for: x)
5178       (auto simp: "thm-relation-negation:1" "oth-class-taut:3:a")
5179  also AOT_have ...  x [F]-x & x ¬[F]-x
5180    by (AOT_subst (reverse) [F]x ¬[F]-x for: x)
5181       (auto simp: "thm-relation-negation:2" "oth-class-taut:3:a")
5182  also AOT_have ...  Contingent([F]-)
5183    using 1[OF "rel-neg-T:3", symmetric] by blast
5184  finally show ?thesis.
5185qed
5186
5187AOT_define concrete_if_concrete :: ‹Π› ("L")
5188  L_def: L =df x E!x  E!x]
5189
5190AOT_theorem "thm-noncont-e-e:1": Necessary(L)
5191proof -
5192  AOT_modally_strict {
5193    fix x
5194    AOT_have x E!x  E!x] by "cqt:2[lambda]"
5195    moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
5196    moreover AOT_have E!x  E!x using "if-p-then-p" by blast
5197    ultimately AOT_have x E!x  E!x]x
5198      using "β←C" by blast
5199  }
5200  AOT_hence 0: x x E!x  E!x]x
5201    using RN GEN by blast
5202  show ?thesis
5203    apply (rule "=dfI"(2)[OF L_def])
5204     apply "cqt:2[lambda]"
5205    by (rule "contingent-properties:1"[THEN "≡dfI", OF 0])
5206qed
5207
5208AOT_theorem "thm-noncont-e-e:2": Impossible([L]-)
5209proof -
5210  AOT_modally_strict {
5211    fix x
5212
5213    AOT_have 0: F (¬[F]-x  [F]x)
5214      using "thm-relation-negation:2" GEN by fast
5215    AOT_have ¬x E!x  E!x]-x  x E!x  E!x]x
5216      by (rule 0[THEN "∀E"(1)]) "cqt:2[lambda]"
5217    moreover {
5218      AOT_have x E!x  E!x] by "cqt:2[lambda]"
5219      moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
5220      moreover AOT_have E!x  E!x using "if-p-then-p" by blast
5221      ultimately AOT_have x E!x  E!x]x
5222        using "β←C" by blast
5223    }
5224    ultimately AOT_have ¬x E!x  E!x]-x
5225      using "≡E" by blast
5226  }
5227  AOT_hence 0: x ¬x E!x  E!x]-x
5228    using RN GEN by fast
5229  show ?thesis
5230    apply (rule "=dfI"(2)[OF L_def])
5231     apply "cqt:2[lambda]"
5232    apply (rule "contingent-properties:2"[THEN "≡dfI"]; rule "&I")
5233     using "rel-neg-T:3"
5234     apply blast
5235    using 0
5236    by blast
5237qed
5238
5239AOT_theorem "thm-noncont-e-e:3": NonContingent(L)
5240  using "thm-noncont-e-e:1"
5241  by (rule "contingent-properties:3"[THEN "≡dfI", OF "∨I"(1)])
5242
5243AOT_theorem "thm-noncont-e-e:4": NonContingent([L]-)
5244proof -
5245  AOT_have 0: F (NonContingent([F])  NonContingent([F]-))
5246    using "thm-cont-prop:1" "∀I" by fast
5247  moreover AOT_have 1: L
5248    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5249  AOT_show NonContingent([L]-)
5250    using "∀E"(1)[OF 0, OF 1, THEN "≡E"(1), OF "thm-noncont-e-e:3"] by blast
5251qed
5252
5253AOT_theorem "thm-noncont-e-e:5":
5254  F G (F  «G::<κ>» & NonContingent([F]) & NonContingent([G]))
5255proof (rule "∃I")+
5256  {
5257    AOT_have F [F]  [F]-
5258      using "thm-relation-negation:5" GEN by fast
5259    moreover AOT_have L
5260      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5261    ultimately AOT_have L  [L]-
5262      using "∀E" by blast
5263  }
5264  AOT_thus L  [L]- & NonContingent(L) & NonContingent([L]-)
5265    using "thm-noncont-e-e:3" "thm-noncont-e-e:4" "&I" by metis
5266next
5267  AOT_show [L]-
5268    using "rel-neg-T:3" by blast
5269next
5270  AOT_show L
5271      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5272qed
5273
5274AOT_theorem "lem-cont-e:1": x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
5275proof -
5276  AOT_have x ([F]x & ¬[F]x)  x ([F]x & ¬[F]x)
5277    using "BF◇" "CBF◇" "≡I" by blast
5278  also AOT_have   x ([F]x &  ¬[F]x)
5279    by (AOT_subst ([F]x & ¬[F]x) [F]x &  ¬[F]x for: x)
5280       (auto simp: "S5Basic:11" "cqt-further:7")
5281  also AOT_have   x (¬[F]x & [F]x)
5282    by (AOT_subst ¬[F]x & [F]x  [F]x & ¬[F]x for: x)
5283       (auto simp: "Commutativity of &" "cqt-further:7")
5284  also AOT_have   x (¬[F]x & [F]x)
5285    by (AOT_subst (¬[F]x & [F]x) ¬[F]x & [F]x for: x)
5286       (auto simp: "S5Basic:11" "oth-class-taut:3:a")
5287  also AOT_have   x (¬[F]x & [F]x)
5288    using "BF◇" "CBF◇" "≡I" by fast
5289  finally show ?thesis.
5290qed
5291
5292AOT_theorem "lem-cont-e:2":
5293  x ([F]x & ¬[F]x)  x ([F]-x & ¬[F]-x)
5294proof -
5295  AOT_have x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
5296    using "lem-cont-e:1".
5297  also AOT_have   x ([F]-x & ¬[F]-x)
5298    apply (AOT_subst ¬[F]-x [F]x for: x)
5299     apply (simp add: "thm-relation-negation:2")
5300    apply (AOT_subst [F]-x ¬[F]x for: x)
5301     apply (simp add: "thm-relation-negation:1")
5302    by (simp add: "oth-class-taut:3:a")
5303  finally show ?thesis.
5304qed
5305
5306AOT_theorem "thm-cont-e:1": x (E!x & ¬E!x)
5307proof (rule "CBF◇"[THEN "→E"])
5308  AOT_have x (E!x & ¬𝒜E!x)
5309    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] by blast
5310  then AOT_obtain a where (E!a & ¬𝒜E!a)
5311    using "∃E"[rotated] by blast
5312  AOT_hence θ: E!a & ¬𝒜E!a
5313    using "KBasic2:3"[THEN "→E"] by blast
5314  AOT_have ξ: E!a & 𝒜¬E!a
5315    by (AOT_subst  𝒜¬E!a ¬𝒜E!a)
5316       (auto simp: "logic-actual-nec:1"[axiom_inst] θ)
5317  AOT_have ζ: E!a & 𝒜¬E!a
5318    by (AOT_subst 𝒜¬E!a 𝒜¬E!a)
5319       (auto simp add: "Act-Sub:4" ξ)
5320  AOT_hence E!a & ¬E!a
5321    using "&E" "&I" "Act-Sub:3"[THEN "→E"] by blast
5322  AOT_hence (E!a & ¬E!a)
5323    using "S5Basic:11"[THEN "≡E"(2)] by simp
5324  AOT_thus x (E!x & ¬E!x)
5325    using "∃I"(2) by fast
5326qed
5327
5328AOT_theorem "thm-cont-e:2": x (¬E!x & E!x)
5329proof -
5330  AOT_have F (x ([F]x & ¬[F]x)  x (¬[F]x & [F]x))
5331    using "lem-cont-e:1" GEN by fast
5332  AOT_hence (x (E!x & ¬E!x)  x (¬E!x & E!x))
5333    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
5334  thus ?thesis using "thm-cont-e:1" "≡E" by blast
5335qed
5336
5337AOT_theorem "thm-cont-e:3": x E!x
5338proof (rule "CBF◇"[THEN "→E"])
5339  AOT_obtain a where (E!a & ¬E!a)
5340    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
5341  AOT_hence E!a
5342    using "KBasic2:3"[THEN "→E", THEN "&E"(1)] by blast
5343  AOT_thus x E!x using "∃I" by fast
5344qed
5345
5346AOT_theorem "thm-cont-e:4": x ¬E!x
5347proof (rule "CBF◇"[THEN "→E"])
5348  AOT_obtain a where (E!a & ¬E!a)
5349    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
5350  AOT_hence ¬E!a
5351    using "KBasic2:3"[THEN "→E", THEN "&E"(2)] by blast
5352  AOT_hence ¬E!a
5353    using "4◇"[THEN "→E"] by blast
5354  AOT_thus x ¬E!x using "∃I" by fast
5355qed
5356
5357AOT_theorem "thm-cont-e:5": Contingent([E!])
5358proof -
5359  AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
5360    using "thm-cont-prop:2" GEN by fast
5361  AOT_hence Contingent([E!])  x E!x & x ¬E!x
5362    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
5363  thus ?thesis
5364    using "thm-cont-e:3" "thm-cont-e:4" "≡E"(2) "&I" by blast
5365qed
5366
5367AOT_theorem "thm-cont-e:6": Contingent([E!]-)
5368proof -
5369  AOT_have F (Contingent([«F::<κ>»])  Contingent([F]-))
5370    using "thm-cont-prop:3" GEN by fast
5371  AOT_hence Contingent([E!])  Contingent([E!]-)
5372    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
5373  thus ?thesis using "thm-cont-e:5" "≡E" by blast
5374qed
5375
5376AOT_theorem "thm-cont-e:7":
5377  FG (Contingent([«F::<κ>»]) & Contingent([G]) & F  G)
5378proof (rule "∃I")+
5379  AOT_have F [«F::<κ>»]  [F]-
5380    using "thm-relation-negation:5" GEN by fast
5381  AOT_hence [E!]  [E!]-
5382    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
5383  AOT_thus Contingent([E!]) & Contingent([E!]-) & [E!]  [E!]-
5384    using "thm-cont-e:5" "thm-cont-e:6" "&I" by metis
5385next
5386  AOT_show E!-
5387    by (fact AOT)
5388next
5389  AOT_show E! by (fact "cqt:2[concrete]"[axiom_inst])
5390qed
5391
5392AOT_theorem "property-facts:1":
5393  NonContingent([F])  ¬G (Contingent([G]) & G = F)
5394proof (rule "→I"; rule "raa-cor:2")
5395  AOT_assume NonContingent([F])
5396  AOT_hence 1: Necessary([F])  Impossible([F])
5397    using "contingent-properties:3"[THEN "≡dfE"] by blast
5398  AOT_assume G (Contingent([G]) & G = F)
5399  then AOT_obtain G where Contingent([G]) & G = F
5400    using "∃E"[rotated] by blast
5401  AOT_hence Contingent([F]) using "rule=E" "&E" by blast
5402  AOT_hence ¬(Necessary([F])  Impossible([F]))
5403    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5404            OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
5405  AOT_thus (Necessary([F])  Impossible([F])) &
5406            ¬(Necessary([F])  Impossible([F]))
5407    using 1 "&I" by blast
5408qed
5409
5410AOT_theorem "property-facts:2":
5411  Contingent([F])  ¬G (NonContingent([G]) & G = F)
5412proof (rule "→I"; rule "raa-cor:2")
5413  AOT_assume Contingent([F])
5414  AOT_hence 1: ¬(Necessary([F])  Impossible([F]))
5415    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5416            OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
5417  AOT_assume G (NonContingent([G]) & G = F)
5418  then AOT_obtain G where NonContingent([G]) & G = F
5419    using "∃E"[rotated] by blast
5420  AOT_hence NonContingent([F])
5421    using "rule=E" "&E" by blast
5422  AOT_hence Necessary([F])  Impossible([F])
5423    using "contingent-properties:3"[THEN "≡dfE"] by blast
5424  AOT_thus (Necessary([F])  Impossible([F])) &
5425            ¬(Necessary([F])  Impossible([F]))
5426    using 1 "&I" by blast
5427qed
5428
5429AOT_theorem "property-facts:3":
5430  L  [L]- & L  E! & L  E!- & [L]-  [E!]- & E!  [E!]-
5431proof -
5432  AOT_have noneqI: Π  Π' if φ{Π} and ¬φ{Π'} for φ and Π Π' :: <κ>
5433    apply (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5434    using "rule=E"[where φ=φ and τ=Π and σ = Π'] that "&I" by blast
5435  AOT_have contingent_denotes: Π if Contingent([Π]) for Π :: <κ>
5436    using that "contingent-properties:4"[THEN "≡dfE", THEN "&E"(1)] by blast
5437  AOT_have not_noncontingent_if_contingent:
5438    ¬NonContingent([Π]) if Contingent([Π]) for Π :: <κ>
5439  proof(rule RAA(2))
5440    AOT_show ¬(Necessary([Π])  Impossible([Π]))
5441      using that "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5442                    OF contingent_denotes[OF that], THEN "≡E"(1)]
5443      by blast
5444  next
5445    AOT_assume NonContingent([Π])
5446    AOT_thus Necessary([Π])  Impossible([Π])
5447      using "contingent-properties:3"[THEN "≡dfE"] by blast
5448  qed
5449
5450  show ?thesis
5451  proof (safe intro!: "&I")
5452    AOT_show L  [L]-
5453      apply (rule "=dfI"(2)[OF L_def])
5454       apply "cqt:2[lambda]"
5455      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
5456       apply (rule GEN) apply (fact AOT)
5457      by "cqt:2[lambda]"
5458  next
5459    AOT_show L  E!
5460      apply (rule noneqI)
5461      using "thm-noncont-e-e:3"
5462            not_noncontingent_if_contingent[OF "thm-cont-e:5"]
5463      by auto
5464  next
5465    AOT_show L  E!-
5466      apply (rule noneqI)
5467      using "thm-noncont-e-e:3" apply fast
5468      apply (rule not_noncontingent_if_contingent)
5469      apply (rule "∀E"(1)[
5470            where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»",
5471            rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
5472      using "thm-cont-prop:3" GEN apply fast
5473      using "thm-cont-e:5" by fast+
5474  next
5475    AOT_show [L]-  E!-
5476      apply (rule noneqI)
5477      using "thm-noncont-e-e:4" apply fast
5478      apply (rule not_noncontingent_if_contingent)
5479      apply (rule "∀E"(1)[
5480            where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»",
5481            rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
5482      using "thm-cont-prop:3" GEN apply fast
5483      using "thm-cont-e:5" by fast+
5484  next
5485    AOT_show E!  E!-
5486      apply (rule "=dfI"(2)[OF L_def])
5487       apply "cqt:2[lambda]"
5488      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
5489       apply (rule GEN) apply (fact AOT)
5490      by (fact "cqt:2[concrete]"[axiom_inst])
5491  qed
5492qed
5493
5494AOT_theorem "thm-cont-propos:1":
5495  NonContingent0(p)  NonContingent0(((p)-))
5496proof(rule "≡I"; rule "→I")
5497  AOT_assume NonContingent0(p)
5498  AOT_hence Necessary0(p)  Impossible0(p)
5499    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5500  moreover {
5501    AOT_assume Necessary0(p)
5502    AOT_hence 1: p
5503      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5504    AOT_have ¬((p)-)
5505      by (AOT_subst ¬((p)-) p)
5506         (auto simp add: 1 "thm-relation-negation:4")
5507    AOT_hence Impossible0(((p)-))
5508      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5509  }
5510  moreover {
5511    AOT_assume Impossible0(p)
5512    AOT_hence 1: ¬p
5513      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
5514    AOT_have ((p)-)
5515      by (AOT_subst ((p)-) ¬p) 
5516         (auto simp: 1 "thm-relation-negation:3")
5517    AOT_hence Necessary0(((p)-))
5518      by (rule "contingent-properties:1[zero]"[THEN "≡dfI"])
5519  }
5520  ultimately AOT_have Necessary0(((p)-))  Impossible0(((p)-))
5521    using "∨E"(1) "∨I" "→I" by metis
5522  AOT_thus NonContingent0(((p)-))
5523    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
5524next
5525  AOT_assume NonContingent0(((p)-))
5526  AOT_hence Necessary0(((p)-))  Impossible0(((p)-))
5527    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5528  moreover {
5529    AOT_assume Impossible0(((p)-))
5530    AOT_hence 1: ¬((p)-)
5531      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
5532    AOT_have p
5533      by (AOT_subst (reverse) p ¬((p)-))
5534         (auto simp: 1 "thm-relation-negation:4")
5535    AOT_hence Necessary0(p)
5536      using "contingent-properties:1[zero]"[THEN "≡dfI"] by blast
5537  }
5538  moreover {
5539    AOT_assume Necessary0(((p)-))
5540    AOT_hence 1: ((p)-)
5541      by (rule "contingent-properties:1[zero]"[THEN "≡dfE"])
5542    AOT_have ¬p
5543      by (AOT_subst (reverse) ¬p ((p)-))
5544         (auto simp: 1 "thm-relation-negation:3")
5545    AOT_hence Impossible0(p)
5546      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5547  }
5548  ultimately AOT_have Necessary0(p)  Impossible0(p)
5549    using "∨E"(1) "∨I" "→I" by metis
5550  AOT_thus NonContingent0(p)
5551    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
5552qed
5553
5554AOT_theorem "thm-cont-propos:2": Contingent0(φ)  φ & ¬φ
5555proof -
5556  AOT_have Contingent0(φ)  ¬(Necessary0(φ)  Impossible0(φ))
5557    using "contingent-properties:4[zero]"[THEN "≡Df"] by simp
5558  also AOT_have   ¬Necessary0(φ) & ¬Impossible0(φ)
5559    by (fact AOT)
5560  also AOT_have   ¬Impossible0(φ) & ¬Necessary0(φ)
5561    by (fact AOT)
5562  also AOT_have   φ & ¬φ
5563    apply (AOT_subst φ ¬¬φ)
5564     apply (simp add: "conventions:5" "≡Df")
5565    apply (AOT_subst Impossible0(φ) ¬φ)
5566     apply (simp add: "contingent-properties:2[zero]" "≡Df")
5567    apply (AOT_subst (reverse) ¬φ ¬φ)
5568     apply (simp add: "KBasic:11")
5569    apply (AOT_subst Necessary0(φ) φ)
5570     apply (simp add: "contingent-properties:1[zero]" "≡Df")
5571    by (simp add: "oth-class-taut:3:a")
5572  finally show ?thesis.
5573qed
5574
5575AOT_theorem "thm-cont-propos:3": Contingent0(p)  Contingent0(((p)-))
5576proof -
5577  AOT_have Contingent0(p)  p & ¬p using "thm-cont-propos:2".
5578  also AOT_have   ¬p & p by (fact AOT)
5579  also AOT_have   ((p)-) & p
5580    by (AOT_subst ((p)-) ¬p)
5581       (auto simp: "thm-relation-negation:3" "oth-class-taut:3:a")
5582  also AOT_have   ((p)-) & ¬((p)-)
5583    by (AOT_subst ¬((p)-) p)
5584       (auto simp: "thm-relation-negation:4" "oth-class-taut:3:a")
5585  also AOT_have   Contingent0(((p)-))
5586    using "thm-cont-propos:2"[symmetric] by blast
5587  finally show ?thesis.
5588qed
5589
5590AOT_define noncontingent_prop :: ‹φ› ("p0")
5591  p0_def: "(p0) =df (x (E!x  E!x))"
5592
5593AOT_theorem "thm-noncont-propos:1":  Necessary0((p0))
5594proof(rule "contingent-properties:1[zero]"[THEN "≡dfI"])
5595  AOT_show (p0)
5596    apply (rule "=dfI"(2)[OF p0_def])
5597    using "log-prop-prop:2" apply simp
5598    using "if-p-then-p" RN GEN by fast
5599qed
5600
5601AOT_theorem "thm-noncont-propos:2": Impossible0(((p0)-))
5602proof(rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5603  AOT_show ¬((p0)-)
5604    apply (AOT_subst ((p0)-) ¬p0)
5605    using "thm-relation-negation:3" GEN "∀E"(1)[rotated, OF "log-prop-prop:2"]
5606     apply fast
5607    apply (AOT_subst (reverse) ¬¬p0 p0)
5608     apply (simp add: "oth-class-taut:3:b")
5609    apply (rule "=dfI"(2)[OF p0_def])
5610    using "log-prop-prop:2" apply simp
5611    using "if-p-then-p" RN GEN by fast
5612qed
5613
5614AOT_theorem "thm-noncont-propos:3": NonContingent0((p0))
5615  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
5616  using "thm-noncont-propos:1" "∨I" by blast
5617
5618AOT_theorem "thm-noncont-propos:4": NonContingent0(((p0)-))
5619  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
5620  using "thm-noncont-propos:2" "∨I" by blast
5621
5622AOT_theorem "thm-noncont-propos:5":
5623  pq (NonContingent0((p)) & NonContingent0((q)) & p  q)
5624proof(rule "∃I")+
5625  AOT_have 0: φ  (φ)- for φ
5626    using "thm-relation-negation:6" "∀I"
5627          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5628  AOT_thus NonContingent0((p0)) & NonContingent0(((p0)-)) & (p0)  (p0)-
5629    using "thm-noncont-propos:3" "thm-noncont-propos:4" "&I" by auto
5630qed(auto simp: "log-prop-prop:2")
5631
5632AOT_act_theorem "no-cnac": ¬x(E!x & ¬𝒜E!x)
5633proof(rule "raa-cor:2")
5634  AOT_assume x(E!x & ¬𝒜E!x)
5635  then AOT_obtain a where a: E!a & ¬𝒜E!a
5636    using "∃E"[rotated] by blast
5637  AOT_hence 𝒜¬E!a
5638    using "&E" "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5639  AOT_hence ¬E!a
5640    using "logic-actual"[act_axiom_inst, THEN "→E"] by blast
5641  AOT_hence E!a & ¬E!a
5642    using a "&E" "&I" by blast
5643  AOT_thus p & ¬p for p using "raa-cor:1" by blast
5644qed
5645
5646AOT_theorem "pos-not-pna:1": ¬𝒜x (E!x & ¬𝒜E!x)
5647proof(rule "raa-cor:2")
5648  AOT_assume 𝒜x (E!x & ¬𝒜E!x)
5649  AOT_hence x 𝒜(E!x & ¬𝒜E!x)
5650    using "Act-Basic:10"[THEN "≡E"(1)] by blast
5651  then AOT_obtain a where 𝒜(E!a & ¬𝒜E!a)
5652    using "∃E"[rotated] by blast
5653  AOT_hence 1: 𝒜E!a & 𝒜¬𝒜E!a
5654    using "Act-Basic:2"[THEN "≡E"(1)] by blast
5655  AOT_hence ¬𝒜𝒜E!a
5656    using "&E"(2) "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by blast
5657  AOT_hence ¬𝒜E!a
5658    using "logic-actual-nec:4"[axiom_inst, THEN "≡E"(1)] RAA by blast
5659  AOT_thus p & ¬p for p using 1[THEN "&E"(1)] "&I" "raa-cor:1" by blast
5660qed
5661
5662AOT_theorem "pos-not-pna:2": ¬x(E!x & ¬𝒜E!x)
5663proof (rule RAA(1))
5664  AOT_show ¬𝒜x (E!x & ¬𝒜E!x)
5665    using "pos-not-pna:1" by blast
5666next
5667  AOT_assume ¬¬x (E!x & ¬𝒜E!x)
5668  AOT_hence x (E!x & ¬𝒜E!x)
5669    using "KBasic:12"[THEN "≡E"(2)] by blast
5670  AOT_thus 𝒜x (E!x & ¬𝒜E!x)
5671    using "nec-imp-act"[THEN "→E"] by blast
5672qed
5673
5674AOT_theorem "pos-not-pna:3": x (E!x & ¬𝒜E!x)
5675proof -
5676  AOT_obtain a where (E!a & ¬𝒜E!a)
5677    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] "∃E"[rotated] by blast
5678  AOT_hence θ: E!a and ξ: ¬𝒜E!a
5679    using "KBasic2:3"[THEN "→E"] "&E" by blast+
5680  AOT_have ¬𝒜E!a
5681    using ξ "KBasic:11"[THEN "≡E"(2)] by blast
5682  AOT_hence ¬𝒜E!a
5683    using "Act-Basic:6"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5684                        THEN "≡E"(2)] by blast
5685  AOT_hence E!a & ¬𝒜E!a using θ "&I" by blast
5686  thus ?thesis using "∃I" by fast
5687qed
5688
5689AOT_define contingent_prop :: φ ("q0")
5690  q0_def: (q0) =df (x (E!x & ¬𝒜E!x))
5691
5692AOT_theorem q0_prop: q0 & ¬q0
5693  apply (rule "=dfI"(2)[OF q0_def])
5694  apply (fact "log-prop-prop:2")
5695  apply (rule "&I")
5696   apply (fact "qml:4"[axiom_inst])
5697  by (fact "pos-not-pna:2")
5698
5699AOT_theorem "basic-prop:1": Contingent0((q0))
5700proof(rule "contingent-properties:4[zero]"[THEN "≡dfI"])
5701  AOT_have ¬Necessary0((q0)) & ¬Impossible0((q0))
5702  proof (rule "&I";
5703         rule "=dfI"(2)[OF q0_def];
5704         (rule "log-prop-prop:2" | rule "raa-cor:2"))
5705    AOT_assume Necessary0(x (E!x & ¬𝒜E!x))
5706    AOT_hence x (E!x & ¬𝒜E!x)
5707      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5708    AOT_hence 𝒜x (E!x & ¬𝒜E!x)
5709      using "Act-Basic:8"[THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
5710    AOT_thus 𝒜x (E!x & ¬𝒜E!x) & ¬𝒜x (E!x & ¬𝒜E!x)
5711      using "pos-not-pna:1" "&I" by blast
5712  next
5713    AOT_assume Impossible0(x (E!x & ¬𝒜E!x))
5714    AOT_hence ¬(x (E!x & ¬𝒜E!x))
5715      using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
5716    AOT_hence ¬(x (E!x & ¬𝒜E!x))
5717      using "KBasic2:1"[THEN "≡E"(1)] by blast
5718    AOT_thus (x (E!x & ¬𝒜E!x)) & ¬(x (E!x & ¬𝒜E!x))
5719      using "qml:4"[axiom_inst] "&I" by blast
5720  qed
5721  AOT_thus ¬(Necessary0((q0))  Impossible0((q0)))
5722    using "oth-class-taut:5:d" "≡E"(2) by blast
5723qed
5724
5725AOT_theorem "basic-prop:2": p Contingent0((p))
5726  using "∃I"(1)[rotated, OF "log-prop-prop:2"] "basic-prop:1" by blast
5727
5728AOT_theorem "basic-prop:3": Contingent0(((q0)-))
5729  apply (AOT_subst ((q0)-) ¬q0)
5730   apply (insert "thm-relation-negation:3" "∀I"
5731                "∀E"(1)[rotated, OF "log-prop-prop:2"]; fast)
5732  apply (rule "contingent-properties:4[zero]"[THEN "≡dfI"])
5733  apply (rule "oth-class-taut:5:d"[THEN "≡E"(2)])
5734  apply (rule "&I")
5735   apply (rule "contingent-properties:1[zero]"[THEN "df-rules-formulas[3]",
5736                  THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
5737   apply (rule "conventions:5"[THEN "≡dfE"])
5738   apply (rule "=dfE"(2)[OF q0_def])
5739    apply (rule "log-prop-prop:2")
5740   apply (rule q0_prop[THEN "&E"(1)])
5741  apply (rule "contingent-properties:2[zero]"[THEN "df-rules-formulas[3]",
5742                THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
5743  apply (rule "conventions:5"[THEN "≡dfE"])
5744  by (rule q0_prop[THEN "&E"(2)])
5745
5746AOT_theorem "basic-prop:4":
5747  pq (p  q & Contingent0(p) & Contingent0(q))
5748proof(rule "∃I")+
5749  AOT_have 0: φ  (φ)- for φ
5750    using "thm-relation-negation:6" "∀I"
5751          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5752  AOT_show (q0)  (q0)- & Contingent0(q0) & Contingent0(((q0)-))
5753    using "basic-prop:1" "basic-prop:3" "&I" 0 by presburger
5754qed(auto simp: "log-prop-prop:2")
5755
5756AOT_theorem "proposition-facts:1":
5757  NonContingent0(p)  ¬q (Contingent0(q) & q = p)
5758proof(rule "→I"; rule "raa-cor:2")
5759  AOT_assume NonContingent0(p)
5760  AOT_hence 1: Necessary0(p)  Impossible0(p)
5761    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5762  AOT_assume q (Contingent0(q) & q = p)
5763  then AOT_obtain q where Contingent0(q) & q = p
5764    using "∃E"[rotated] by blast
5765  AOT_hence Contingent0(p)
5766    using "rule=E" "&E" by fast
5767  AOT_thus (Necessary0(p)  Impossible0(p)) &
5768            ¬(Necessary0(p)  Impossible0(p))
5769    using "contingent-properties:4[zero]"[THEN "≡dfE"] 1 "&I" by blast
5770qed
5771
5772AOT_theorem "proposition-facts:2":
5773  Contingent0(p)  ¬q (NonContingent0(q) & q = p)
5774proof(rule "→I"; rule "raa-cor:2")
5775  AOT_assume Contingent0(p)
5776  AOT_hence 1: ¬(Necessary0(p)  Impossible0(p))
5777    using "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
5778  AOT_assume q (NonContingent0(q) & q = p)
5779  then AOT_obtain q where NonContingent0(q) & q = p
5780    using "∃E"[rotated] by blast
5781  AOT_hence NonContingent0(p)
5782    using "rule=E" "&E" by fast
5783  AOT_thus (Necessary0(p)  Impossible0(p)) &
5784            ¬(Necessary0(p)  Impossible0(p))
5785    using "contingent-properties:3[zero]"[THEN "≡dfE"] 1 "&I" by blast
5786qed
5787
5788AOT_theorem "proposition-facts:3":
5789  (p0)  (p0)- & (p0)  (q0) & (p0)  (q0)- & (p0)-  (q0)- & (q0)  (q0)-
5790proof -
5791  {
5792    fix χ φ ψ
5793    AOT_assume χ{φ}
5794    moreover AOT_assume ¬χ{ψ}
5795    ultimately AOT_have ¬(χ{φ}  χ{ψ})
5796      using RAA "≡E" by metis
5797    moreover {
5798      AOT_have pq ((¬(χ{p}  χ{q}))  p  q)
5799        by (rule "∀I"; rule "∀I"; rule "pos-not-equiv-ne:4[zero]")
5800      AOT_hence ((¬(χ{φ}  χ{ψ}))  φ  ψ)
5801        using "∀E" "log-prop-prop:2" by blast
5802    }
5803    ultimately AOT_have φ  ψ
5804      using "→E" by blast
5805  } note 0 = this
5806  AOT_have contingent_neg: Contingent0(φ)  Contingent0(((φ)-)) for φ
5807    using "thm-cont-propos:3" "∀I"
5808          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5809  AOT_have not_noncontingent_if_contingent:
5810    ¬NonContingent0(φ) if Contingent0(φ) for φ
5811    apply (rule "contingent-properties:3[zero]"[THEN "≡Df",
5812                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5813    using that "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
5814  show ?thesis
5815    apply (rule "&I")+
5816    using "thm-relation-negation:6" "∀I"
5817          "∀E"(1)[rotated, OF "log-prop-prop:2"]
5818        apply fast
5819       apply (rule 0)
5820    using "thm-noncont-propos:3" apply fast
5821       apply (rule not_noncontingent_if_contingent)
5822       apply (fact AOT)
5823      apply (rule 0)
5824    apply (rule "thm-noncont-propos:3")
5825      apply (rule not_noncontingent_if_contingent)
5826      apply (rule contingent_neg[THEN "≡E"(1)])
5827      apply (fact AOT)
5828     apply (rule 0)
5829    apply (rule "thm-noncont-propos:4")
5830      apply (rule not_noncontingent_if_contingent)
5831      apply (rule contingent_neg[THEN "≡E"(1)])
5832     apply (fact AOT)
5833    using "thm-relation-negation:6" "∀I"
5834          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5835qed
5836
5837AOT_define ContingentlyTrue :: ‹φ  φ› ("ContingentlyTrue'(_')")
5838  "cont-tf:1": ContingentlyTrue(p) df p & ¬p
5839
5840AOT_define ContingentlyFalse :: ‹φ  φ› ("ContingentlyFalse'(_')")
5841  "cont-tf:2": ContingentlyFalse(p) df ¬p & p
5842
5843AOT_theorem "cont-true-cont:1":
5844  ContingentlyTrue((p))  Contingent0((p))
5845proof(rule "→I")
5846  AOT_assume ContingentlyTrue((p))
5847  AOT_hence 1: p and 2: ¬p using "cont-tf:1"[THEN "≡dfE"] "&E" by blast+
5848  AOT_have ¬Necessary0((p))
5849    apply (rule "contingent-properties:1[zero]"[THEN "≡Df",
5850                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5851    using 2 "KBasic:11"[THEN "≡E"(2)] by blast
5852  moreover AOT_have ¬Impossible0((p))
5853    apply (rule "contingent-properties:2[zero]"[THEN "≡Df",
5854                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5855    apply (rule "conventions:5"[THEN "≡dfE"])
5856    using "T◇"[THEN "→E", OF 1].
5857  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
5858    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
5859  AOT_thus Contingent0((p))
5860    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
5861qed
5862
5863AOT_theorem "cont-true-cont:2":
5864  ContingentlyFalse((p))  Contingent0((p))
5865proof(rule "→I")
5866  AOT_assume ContingentlyFalse((p))
5867  AOT_hence 1: ¬p and 2: p using "cont-tf:2"[THEN "≡dfE"] "&E" by blast+
5868  AOT_have ¬Necessary0((p))
5869    apply (rule "contingent-properties:1[zero]"[THEN "≡Df",
5870                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5871    using "KBasic:11"[THEN "≡E"(2)] "T◇"[THEN "→E", OF 1] by blast
5872  moreover AOT_have ¬Impossible0((p))
5873    apply (rule "contingent-properties:2[zero]"[THEN "≡Df",
5874                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5875    apply (rule "conventions:5"[THEN "≡dfE"])
5876    using 2.
5877  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
5878    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
5879  AOT_thus Contingent0((p))
5880    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
5881qed
5882
5883AOT_theorem "cont-true-cont:3":
5884  ContingentlyTrue((p))  ContingentlyFalse(((p)-))
5885proof(rule "≡I"; rule "→I")
5886  AOT_assume ContingentlyTrue((p))
5887  AOT_hence 0: p & ¬p using "cont-tf:1"[THEN "≡dfE"] by blast
5888  AOT_have 1: ContingentlyFalse(¬p)
5889    apply (rule "cont-tf:2"[THEN "≡dfI"])
5890    apply (AOT_subst (reverse) ¬¬p p)
5891    by (auto simp: "oth-class-taut:3:b" 0)
5892  AOT_show ContingentlyFalse(((p)-))
5893    apply (AOT_subst ((p)-) ¬p)
5894    by (auto simp: "thm-relation-negation:3" 1)
5895next
5896  AOT_assume 1: ContingentlyFalse(((p)-))
5897  AOT_have ContingentlyFalse(¬p)
5898    by (AOT_subst (reverse) ¬p ((p)-))
5899       (auto simp: "thm-relation-negation:3" 1)
5900  AOT_hence ¬¬p & ¬p using "cont-tf:2"[THEN "≡dfE"] by blast
5901  AOT_hence p & ¬p
5902    using "&I" "&E" "useful-tautologies:1"[THEN "→E"] by metis
5903  AOT_thus ContingentlyTrue((p))
5904    using "cont-tf:1"[THEN "≡dfI"] by blast
5905qed
5906
5907AOT_theorem "cont-true-cont:4":
5908  ContingentlyFalse((p))  ContingentlyTrue(((p)-))
5909proof(rule "≡I"; rule "→I")
5910  AOT_assume ContingentlyFalse(p)
5911  AOT_hence 0: ¬p & p
5912    using "cont-tf:2"[THEN "≡dfE"] by blast
5913  AOT_have ¬p & ¬¬p
5914    by (AOT_subst (reverse) ¬¬p p)
5915       (auto simp: "oth-class-taut:3:b" 0)
5916  AOT_hence 1: ContingentlyTrue(¬p)
5917    by (rule "cont-tf:1"[THEN "≡dfI"])
5918  AOT_show ContingentlyTrue(((p)-))
5919    by (AOT_subst ((p)-) ¬p)
5920       (auto simp: "thm-relation-negation:3" 1)
5921next
5922  AOT_assume 1: ContingentlyTrue(((p)-))
5923  AOT_have ContingentlyTrue(¬p)
5924    by (AOT_subst (reverse) ¬p ((p)-))
5925       (auto simp add: "thm-relation-negation:3" 1)
5926  AOT_hence 2: ¬p & ¬¬p using "cont-tf:1"[THEN "≡dfE"] by blast
5927  AOT_have p
5928    by (AOT_subst p ¬¬p)
5929       (auto simp add: "oth-class-taut:3:b" 2[THEN "&E"(2)])
5930  AOT_hence ¬p & p using 2[THEN "&E"(1)] "&I" by blast
5931  AOT_thus ContingentlyFalse(p)
5932    by (rule "cont-tf:2"[THEN "≡dfI"])
5933qed
5934
5935AOT_theorem "cont-true-cont:5":
5936  (ContingentlyTrue((p)) & Necessary0((q)))  p  q
5937proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
5938  AOT_assume ContingentlyTrue((p))
5939  AOT_hence ¬p
5940    using "cont-tf:1"[THEN "≡dfE"] "&E" by blast
5941  AOT_hence 0: ¬p using "KBasic:11"[THEN "≡E"(2)] by blast
5942  AOT_assume Necessary0((q))
5943  moreover AOT_assume ¬(p  q)
5944  AOT_hence p = q
5945    using "=-infix"[THEN "≡Df",
5946                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5947                    THEN "≡E"(1)]
5948          "useful-tautologies:1"[THEN "→E"] by blast
5949  ultimately AOT_have Necessary0((p)) using "rule=E" id_sym by blast
5950  AOT_hence p
5951    using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5952  AOT_thus p & ¬p using 0 "&I" by blast
5953qed
5954
5955AOT_theorem "cont-true-cont:6":
5956  (ContingentlyFalse((p)) & Impossible0((q)))  p  q
5957proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
5958  AOT_assume ContingentlyFalse((p))
5959  AOT_hence p
5960    using "cont-tf:2"[THEN "≡dfE"] "&E" by blast
5961  AOT_hence 1: ¬¬p
5962    using "conventions:5"[THEN "≡dfE"] by blast
5963  AOT_assume Impossible0((q))
5964  moreover AOT_assume ¬(p  q)
5965  AOT_hence p = q
5966    using "=-infix"[THEN "≡Df",
5967                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5968                    THEN "≡E"(1)]
5969          "useful-tautologies:1"[THEN "→E"] by blast
5970  ultimately AOT_have Impossible0((p)) using "rule=E" id_sym by blast
5971  AOT_hence ¬p
5972    using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
5973  AOT_thus ¬p & ¬¬p using 1 "&I" by blast
5974qed
5975
5976AOT_act_theorem "q0cf:1": ContingentlyFalse(q0)
5977  apply (rule "cont-tf:2"[THEN "≡dfI"])
5978  apply (rule "=dfI"(2)[OF q0_def])
5979   apply (fact "log-prop-prop:2")
5980  apply (rule "&I")
5981   apply (fact "no-cnac")
5982  by (fact "qml:4"[axiom_inst])
5983
5984AOT_act_theorem "q0cf:2": ContingentlyTrue(((q0)-))
5985  apply (rule "cont-tf:1"[THEN "≡dfI"])
5986  apply (rule "=dfI"(2)[OF q0_def])
5987   apply (fact "log-prop-prop:2")
5988  apply (rule "&I")
5989   apply (rule "thm-relation-negation:3"
5990                [unvarify p, OF "log-prop-prop:2", THEN "≡E"(2)])
5991     apply (fact "no-cnac")
5992  apply (rule "rule=E"[rotated,
5993                OF "thm-relation-negation:7"
5994                   [unvarify p, OF "log-prop-prop:2", THEN id_sym]])
5995  apply (AOT_subst (reverse) ¬¬(x  (E!x & ¬𝒜E!x)) x (E!x & ¬𝒜E!x))
5996  by (auto simp: "oth-class-taut:3:b" "qml:4"[axiom_inst])
5997
5998AOT_theorem "cont-tf-thm:1": p ContingentlyTrue((p))
5999proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
6000  AOT_assume q0
6001  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
6002  AOT_thus ContingentlyTrue(q0)
6003    by (rule "cont-tf:1"[THEN "≡dfI"])
6004next
6005  AOT_assume ¬q0
6006  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
6007  AOT_hence ContingentlyFalse(q0)
6008    by (rule "cont-tf:2"[THEN "≡dfI"])
6009  AOT_thus ContingentlyTrue(((q0)-))
6010    by (rule "cont-true-cont:4"[unvarify p,
6011                OF "log-prop-prop:2", THEN "≡E"(1)])
6012qed(auto simp: "log-prop-prop:2")
6013
6014
6015AOT_theorem "cont-tf-thm:2": p ContingentlyFalse((p))
6016proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
6017  AOT_assume q0
6018  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
6019  AOT_hence ContingentlyTrue(q0)
6020    by (rule "cont-tf:1"[THEN "≡dfI"])
6021  AOT_thus ContingentlyFalse(((q0)-))
6022    by (rule "cont-true-cont:3"[unvarify p,
6023                OF "log-prop-prop:2", THEN "≡E"(1)])
6024next
6025  AOT_assume ¬q0
6026  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
6027  AOT_thus ContingentlyFalse(q0)
6028    by (rule "cont-tf:2"[THEN "≡dfI"])
6029qed(auto simp: "log-prop-prop:2")
6030
6031AOT_theorem "property-facts1:1": Fx ([F]x & ¬[F]x)
6032proof -
6033  fix x
6034  AOT_obtain p1 where ContingentlyTrue((p1))
6035    using "cont-tf-thm:1" "∃E"[rotated] by blast
6036  AOT_hence 1: p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
6037  AOT_modally_strict {
6038    AOT_have for arbitrary p:  (z p]x  p)
6039      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
6040    AOT_hence for arbitrary p:   (z p]x  p)
6041      by (rule RN)
6042    AOT_hence p (z p]x  p) using GEN by fast
6043    AOT_hence (z p1]x  p1) using "∀E" by fast
6044  } note 2 = this
6045  AOT_hence (z p1]x  p1) using "∀E" by blast
6046  AOT_hence z p1]x
6047    using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
6048  moreover AOT_have ¬z p1]x
6049    using 2[THEN "qml:2"[axiom_inst, THEN "→E"]]
6050    apply (AOT_subst z p1]x p1)
6051    using 1[THEN "&E"(2)] by blast
6052  ultimately AOT_have z p1]x & ¬z p1]x using "&I" by blast
6053  AOT_hence x (z p1]x & ¬z p1]x) using "∃I"(2) by fast
6054  moreover AOT_have z p1] by "cqt:2[lambda]"
6055  ultimately AOT_show Fx ([F]x & ¬[F]x) by (rule "∃I"(1))
6056qed
6057
6058AOT_theorem "property-facts1:2": Fx (¬[F]x & [F]x)
6059proof -
6060  fix x
6061  AOT_obtain p1 where ContingentlyFalse((p1))
6062    using "cont-tf-thm:2" "∃E"[rotated] by blast
6063  AOT_hence 1: ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
6064  AOT_modally_strict {
6065    AOT_have for arbitrary p:  (z p]x  p)
6066      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
6067    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
6068      using "oth-class-taut:4:b" "≡E" by blast
6069    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
6070      by (rule RN)
6071    AOT_hence p (¬z p]x  ¬p) using GEN by fast
6072    AOT_hence (¬z p1]x  ¬p1) using "∀E" by fast
6073  } note 2 = this
6074  AOT_hence (¬z p1]x  ¬p1) using "∀E" by blast
6075  AOT_hence 3: ¬z p1]x
6076    using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
6077  AOT_modally_strict {
6078    AOT_have for arbitrary p:  (z p]x  p)
6079      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
6080    AOT_hence for arbitrary p:  (z p]x  p)
6081      by (rule RN)
6082    AOT_hence p (z p]x  p) using GEN by fast
6083    AOT_hence (z p1]x  p1) using "∀E" by fast
6084  } note 4 = this
6085  AOT_have z p1]x
6086    using 4[THEN "qml:2"[axiom_inst, THEN "→E"]]
6087    apply (AOT_subst z p1]x p1)
6088    using 1[THEN "&E"(2)] by blast
6089  AOT_hence ¬z p1]x & z p1]x using 3 "&I" by blast
6090  AOT_hence x (¬z p1]x & z p1]x) using "∃I"(2) by fast
6091  moreover AOT_have z p1] by "cqt:2[lambda]"
6092  ultimately AOT_show Fx (¬[F]x & [F]x) by (rule "∃I"(1))
6093qed
6094
6095context
6096begin
6097
6098private AOT_lemma eqnotnec_123_Aux_ζ: [L]x  (E!x  E!x)
6099    apply (rule "=dfI"(2)[OF L_def])
6100     apply "cqt:2[lambda]"
6101    apply (rule "beta-C-meta"[THEN "→E"])
6102  by "cqt:2[lambda]"
6103
6104private AOT_lemma eqnotnec_123_Aux_ω: z φ]x  φ
6105    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6106
6107private AOT_lemma eqnotnec_123_Aux_θ: φ  x([L]x  z φ]x)
6108proof(rule "≡I"; rule "→I"; (rule "∀I")?)
6109  fix x
6110  AOT_assume 1: φ
6111  AOT_have [L]x  (E!x  E!x) using eqnotnec_123_Aux_ζ.
6112  also AOT_have   φ
6113    using "if-p-then-p" 1 "≡I" "→I" by simp
6114  also AOT_have   z φ]x
6115    using "Commutativity of ≡"[THEN "≡E"(1)] eqnotnec_123_Aux_ω by blast
6116  finally AOT_show [L]x  z φ]x.
6117next
6118  fix x
6119  AOT_assume x([L]x  z φ]x)
6120  AOT_hence [L]x  z φ]x using "∀E" by blast
6121  also AOT_have   φ using eqnotnec_123_Aux_ω.
6122  finally AOT_have φ  [L]x
6123    using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6124  also AOT_have   E!x  E!x using eqnotnec_123_Aux_ζ.
6125  finally AOT_show φ using "≡E" "if-p-then-p" by fast
6126qed
6127private lemmas eqnotnec_123_Aux_ξ =
6128  eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6129    THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6130    THEN "RM◇"]
6131private lemmas eqnotnec_123_Aux_ξ' =
6132  eqnotnec_123_Aux_θ[
6133    THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6134    THEN "RM◇"]
6135
6136AOT_theorem "eqnotnec:1": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
6137proof-
6138  AOT_obtain p1 where ContingentlyTrue(p1)
6139    using "cont-tf-thm:1" "∃E"[rotated] by blast
6140  AOT_hence p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
6141  AOT_hence x ([L]x  z p1]x) & ¬x([L]x  z p1]x)
6142    apply - apply (rule "&I")
6143    using "&E" eqnotnec_123_Aux_θ[THEN "≡E"(1)]
6144          eqnotnec_123_Aux_ξ "→E" by fast+
6145  AOT_hence G (x([L]x  [G]x) & ¬x([L]x  [G]x))
6146    by (rule "∃I") "cqt:2[lambda]"
6147  AOT_thus FG (x([F]x  [G]x) & ¬x([F]x  [G]x))
6148    apply (rule "∃I")
6149    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6150qed
6151
6152AOT_theorem "eqnotnec:2": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
6153proof-
6154  AOT_obtain p1 where ContingentlyFalse(p1)
6155    using "cont-tf-thm:2" "∃E"[rotated] by blast
6156  AOT_hence ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
6157  AOT_hence ¬x ([L]x  z p1]x) & x([L]x  z p1]x)
6158    apply - apply (rule "&I")
6159    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6160                             THEN "≡E"(1)]
6161          "&E" eqnotnec_123_Aux_ξ' "→E" by fast+
6162  AOT_hence G (¬x([L]x  [G]x) & x([L]x  [G]x))
6163    by (rule "∃I") "cqt:2[lambda]"
6164  AOT_thus FG (¬x([F]x  [G]x) & x([F]x  [G]x))
6165    apply (rule "∃I")
6166    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6167qed
6168
6169AOT_theorem "eqnotnec:3": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6170proof-
6171  AOT_have ¬𝒜q0
6172    apply (rule "=dfI"(2)[OF q0_def])
6173     apply (fact "log-prop-prop:2")
6174    by (fact AOT)
6175  AOT_hence 𝒜¬q0
6176    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6177  AOT_hence 𝒜¬x ([L]x  z q0]x)
6178    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6179            THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6180            THEN "RA[2]", THEN "act-cond"[THEN "→E"], THEN "→E"] by blast
6181  moreover AOT_have x ([L]x  z q0]x)
6182    using eqnotnec_123_Aux_ξ'[THEN "→E"] q0_prop[THEN "&E"(1)] by blast
6183  ultimately AOT_have 𝒜¬x ([L]x  z q0]x) & x ([L]x  z q0]x)
6184    using "&I" by blast
6185  AOT_hence G (𝒜¬x([L]x  [G]x) & x([L]x  [G]x))
6186    by (rule "∃I") "cqt:2[lambda]"
6187  AOT_thus FG (𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6188    apply (rule "∃I")
6189    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6190qed
6191
6192end
6193
6194AOT_theorem "eqnotnec:4": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
6195proof(rule GEN)
6196  fix F
6197  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6198  proof(rule "→I"; rule GEN)
6199    AOT_modally_strict {
6200    fix x
6201    AOT_assume 0: ψ
6202    AOT_have z [F]z & ψ]x  [F]x & ψ
6203      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6204    also AOT_have ...  [F]x
6205      apply (rule "≡I"; rule "→I")
6206      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6207      apply blast
6208      using 0 "&I" by blast
6209    finally AOT_show [F]x  z [F]z & ψ]x
6210      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6211    }
6212  qed
6213
6214  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6215  proof (rule "→I"; rule GEN)
6216    AOT_modally_strict {
6217      fix x
6218      AOT_assume 0: ψ
6219      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6220        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6221      also AOT_have ...  [F]x
6222        apply (rule "≡I"; rule "→I")
6223        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0]
6224              "&E"
6225         apply blast
6226        apply (rule "∨I"(1)) using 0 "&I" by blast
6227      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6228        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6229    }
6230  qed
6231
6232  AOT_have Aux_C:
6233     ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6234  proof(rule "RM◇"; rule "→I"; rule "raa-cor:2")
6235  AOT_modally_strict {
6236      AOT_assume 0: ¬ψ
6237      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6238      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6239        using "∀E" by blast
6240      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6241          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6242      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6243        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6244      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6245        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6246      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
6247      ultimately AOT_have ψ using "≡E" "&E" by metis
6248      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6249    }
6250  qed
6251
6252  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z) 
6253      (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6254       ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6255  proof (rule "→I")
6256    AOT_assume A: z([F]z  z [F]z & ψ]z)
6257    AOT_show ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6258              ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
6259    proof(rule "≡I"; rule "KBasic:13"[THEN "→E"];
6260          rule "RN[prem]"[where Γ="{«z([F]z  z [F]z & ψ]z)»}", simplified];
6261          (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6262      AOT_modally_strict {
6263        AOT_assume z ([F]z  z [F]z & ψ]z)
6264        AOT_hence 1: [F]z  z [F]z & ψ]z for z
6265          using "∀E" by blast
6266        AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6267        AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6268          using "∀E" by blast
6269        AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6270          using "≡E" 1 2 by meson
6271        AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6272          by (rule GEN)
6273      }
6274    next
6275      AOT_modally_strict {
6276        AOT_assume z ([F]z  z [F]z & ψ]z)
6277        AOT_hence 1: [F]z  z [F]z & ψ]z for z
6278          using "∀E" by blast
6279        AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6280        AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6281          using "∀E" by blast
6282        AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6283          using 1 2 "≡E" by meson
6284        AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6285          by (rule GEN)
6286      }
6287    qed(auto simp: A)
6288  qed
6289
6290  AOT_obtain p1 where p1_prop: p1 & ¬p1
6291    using "cont-tf-thm:1" "∃E"[rotated]
6292          "cont-tf:1"[THEN "≡dfE"] by blast
6293  {
6294    AOT_assume 1: x([F]x  z [F]z & p1]x)
6295    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
6296      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(1)]].
6297    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
6298      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(2)]].
6299    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
6300      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6301    AOT_hence x([F]x  z [F]z & p1  ¬p1]x) &
6302               ¬x([F]x  z [F]z & p1  ¬p1]x)
6303      using 2 "&I" by blast
6304    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6305      by (rule "∃I"(1)) "cqt:2[lambda]"
6306  }
6307  moreover {
6308    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
6309    AOT_hence ¬x([F]x  z [F]z & p1]x)
6310      using "KBasic:11"[THEN "≡E"(1)] by blast
6311    AOT_hence x ([F]x  z [F]z & p1]x) & ¬x([F]x  z [F]z & p1]x)
6312      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(1)]] "&I" by blast
6313    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6314      by (rule "∃I"(1)) "cqt:2[lambda]"
6315  }
6316  ultimately AOT_show G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6317    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6318qed
6319
6320AOT_theorem "eqnotnec:5": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
6321proof(rule GEN)
6322  fix F
6323  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6324  proof(rule "RM◇"; rule "→I"; rule GEN)
6325    AOT_modally_strict {
6326    fix x
6327    AOT_assume 0: ψ
6328    AOT_have z [F]z & ψ]x  [F]x & ψ
6329      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6330    also AOT_have ...  [F]x
6331      apply (rule "≡I"; rule "→I")
6332      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6333       apply blast
6334      using 0 "&I" by blast
6335    finally AOT_show [F]x  z [F]z & ψ]x
6336      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6337    }
6338  qed
6339
6340  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6341  proof (rule "RM◇"; rule "→I"; rule GEN)
6342    AOT_modally_strict {
6343      fix x
6344      AOT_assume 0: ψ
6345      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6346        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6347      also AOT_have ...  [F]x
6348        apply (rule "≡I"; rule "→I")
6349        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6350         apply blast
6351        apply (rule "∨I"(1)) using 0 "&I" by blast
6352      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6353        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6354    }
6355  qed
6356
6357  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6358  proof(rule "→I"; rule "raa-cor:2")
6359  AOT_modally_strict {
6360      AOT_assume 0: ¬ψ
6361      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6362      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6363        using "∀E" by blast
6364      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6365          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6366      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6367        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6368      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6369        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6370      moreover AOT_have (([F]z & ψ)  ¬ψ) for z
6371        using 0 "∨I" by blast
6372      ultimately AOT_have ψ using "≡E" "&E" by metis
6373      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6374    }
6375  qed
6376
6377  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z) 
6378    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6379     ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6380  proof (rule "→I"; rule "≡I";
6381         (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6382    AOT_modally_strict {
6383      AOT_assume z ([F]z  z [F]z & ψ]z)
6384      AOT_hence 1: [F]z  z [F]z & ψ]z for z
6385        using "∀E" by blast
6386      AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6387      AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6388        using "∀E" by blast
6389      AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6390        using "≡E" 1 2 by meson
6391      AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6392        by (rule GEN)
6393    }
6394  next
6395    AOT_modally_strict {
6396      AOT_assume z ([F]z  z [F]z & ψ]z)
6397      AOT_hence 1: [F]z  z [F]z & ψ]z for z
6398        using "∀E" by blast
6399      AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6400      AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6401        using "∀E" by blast
6402      AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6403        using 1 2 "≡E" by meson
6404      AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6405        by (rule GEN)
6406    }
6407  qed
6408
6409  AOT_obtain p1 where p1_prop: ¬p1 & p1
6410    using "cont-tf-thm:2" "∃E"[rotated] "cont-tf:2"[THEN "≡dfE"] by blast
6411  {
6412    AOT_assume 1: x([F]x  z [F]z & p1]x)
6413    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
6414      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(2)]].
6415    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
6416      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(1)]].
6417    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
6418      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6419    AOT_hence ¬x([F]x  z [F]z & p1  ¬p1]x) &
6420               x([F]x  z [F]z & p1  ¬p1]x)
6421      using 2 "&I" by blast
6422    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6423      by (rule "∃I"(1)) "cqt:2[lambda]"
6424  }
6425  moreover {
6426    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
6427    AOT_hence ¬x([F]x  z [F]z & p1]x)
6428      using "KBasic:11"[THEN "≡E"(1)] by blast
6429    AOT_hence ¬x ([F]x  z [F]z & p1]x) &
6430               x([F]x  z [F]z & p1]x)
6431      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(2)]] "&I" by blast
6432    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6433      by (rule "∃I"(1)) "cqt:2[lambda]"
6434  }
6435  ultimately AOT_show G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6436    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6437qed
6438
6439AOT_theorem "eqnotnec:6": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6440proof(rule GEN)
6441  fix F
6442  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6443  proof(rule "RM◇"; rule "→I"; rule GEN)
6444    AOT_modally_strict {
6445    fix x
6446    AOT_assume 0: ψ
6447    AOT_have z [F]z & ψ]x  [F]x & ψ
6448      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6449    also AOT_have ...  [F]x
6450      apply (rule "≡I"; rule "→I")
6451      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0]
6452            "&E"
6453       apply blast
6454      using 0 "&I" by blast
6455    finally AOT_show [F]x  z [F]z & ψ]x
6456      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6457    }
6458  qed
6459
6460  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6461  proof (rule "RM◇"; rule "→I"; rule GEN)
6462    AOT_modally_strict {
6463      fix x
6464      AOT_assume 0: ψ
6465      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6466        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6467      also AOT_have ...  [F]x
6468        apply (rule "≡I"; rule "→I")
6469        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6470         apply blast
6471        apply (rule "∨I"(1)) using 0 "&I" by blast
6472      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6473        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6474    }
6475  qed
6476
6477  AOT_have Aux_C:
6478     𝒜¬ψ  𝒜¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6479  proof(rule "act-cond"[THEN "→E"]; rule "RA[2]"; rule "→I"; rule "raa-cor:2")
6480  AOT_modally_strict {
6481      AOT_assume 0: ¬ψ
6482      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6483      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6484        using "∀E" by blast
6485      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6486          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6487      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6488        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6489      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6490        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6491      moreover AOT_have (([F]z & ψ)  ¬ψ) for z
6492        using 0 "∨I" by blast
6493      ultimately AOT_have ψ using "≡E" "&E" by metis
6494      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6495    }
6496  qed
6497
6498  AOT_have (z ([F]z  z [F]z & ψ]z) 
6499    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6500     ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
6501  proof (rule RN; rule "→I")
6502    AOT_modally_strict {
6503        AOT_assume z ([F]z  z [F]z & ψ]z)
6504        AOT_thus ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6505                  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
6506          apply -
6507        proof(rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6508          AOT_assume z ([F]z  z [F]z & ψ]z)
6509          AOT_hence 1: [F]z  z [F]z & ψ]z for z
6510            using "∀E" by blast
6511          AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6512          AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6513            using "∀E" by blast
6514          AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6515            using "≡E" 1 2 by meson
6516          AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6517            by (rule GEN)
6518        next
6519            AOT_assume z ([F]z  z [F]z & ψ]z)
6520            AOT_hence 1: [F]z  z [F]z & ψ]z for z
6521              using "∀E" by blast
6522            AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6523            AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6524              using "∀E" by blast
6525            AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6526              using 1 2 "≡E" by meson
6527            AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6528              by (rule GEN)
6529        qed
6530    }
6531  qed
6532  AOT_hence 𝒜(z ([F]z  z [F]z & ψ]z) 
6533    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6534     ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
6535    using "nec-imp-act"[THEN "→E"] by blast
6536  AOT_hence 𝒜z ([F]z  z [F]z & ψ]z) 
6537    𝒜(¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6538    ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6539    using "act-cond"[THEN "→E"] by blast
6540  AOT_hence Aux_D: 𝒜z ([F]z  z [F]z & ψ]z) 
6541    (𝒜¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6542     𝒜¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6543    by (auto intro!: "→I" "Act-Basic:5"[THEN "≡E"(1)] dest!: "→E")
6544
6545  AOT_have ¬𝒜q0
6546    apply (rule "=dfI"(2)[OF q0_def])
6547     apply (fact "log-prop-prop:2")
6548    by (fact AOT)
6549  AOT_hence q0_prop_1: 𝒜¬q0
6550    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6551  {
6552    AOT_assume 1: 𝒜x([F]x  z [F]z & q0]x)
6553    AOT_have 2: x([F]x  z [F]z & q0  ¬q0]x)
6554      using Aux_B[THEN "→E", OF q0_prop[THEN "&E"(1)]].
6555    AOT_have 𝒜¬x(z [F]z & q0]x  z [F]z & q0  ¬q0]x)
6556      using Aux_C[THEN "→E", OF q0_prop_1].
6557    AOT_hence 3: 𝒜¬x([F]x  z [F]z & q0  ¬q0]x)
6558      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6559    AOT_hence 𝒜¬x([F]x  z [F]z & q0  ¬q0]x) &
6560               x([F]x  z [F]z & q0  ¬q0]x)
6561      using 2 "&I" by blast
6562    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6563      by (rule "∃I"(1)) "cqt:2[lambda]"
6564  }
6565  moreover {
6566    AOT_assume 2: ¬𝒜x([F]x  z [F]z & q0]x)
6567    AOT_hence 𝒜¬x([F]x  z [F]z & q0]x)
6568      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6569    AOT_hence 𝒜¬x ([F]x  z [F]z & q0]x) & x([F]x  z [F]z & q0]x)
6570      using Aux_A[THEN "→E", OF q0_prop[THEN "&E"(1)]] "&I" by blast
6571    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6572      by (rule "∃I"(1)) "cqt:2[lambda]"
6573  }
6574  ultimately AOT_show G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6575    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6576qed
6577
6578AOT_theorem "oa-contingent:1": O!  A!
6579proof(rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6580  fix x
6581  AOT_assume 1: O! = A!
6582  AOT_hence x E!x] = A!
6583    by (rule "=dfE"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6584  AOT_hence x E!x] = x ¬E!x]
6585    by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
6586  moreover AOT_have x E!x]x  E!x
6587    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6588  ultimately AOT_have x ¬E!x]x  E!x
6589    using "rule=E" by fast
6590  moreover AOT_have x ¬E!x]x  ¬E!x
6591    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6592  ultimately AOT_have E!x  ¬E!x
6593    using "≡E"(6) "Commutativity of ≡"[THEN "≡E"(1)] by blast
6594  AOT_thus "(E!x  ¬E!x) & ¬(E!x  ¬E!x)"
6595    using "oth-class-taut:3:c" "&I" by blast
6596qed
6597
6598AOT_theorem "oa-contingent:2": O!x  ¬A!x
6599proof -
6600  AOT_have O!x  x E!x]x
6601    apply (rule "≡I"; rule "→I")
6602     apply (rule "=dfE"(2)[OF AOT_ordinary])
6603      apply "cqt:2[lambda]"
6604     apply argo
6605    apply (rule  "=dfI"(2)[OF AOT_ordinary])
6606     apply "cqt:2[lambda]"
6607    by argo
6608  also AOT_have   E!x
6609    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6610  also AOT_have   ¬¬E!x
6611    using "oth-class-taut:3:b".
6612  also AOT_have   ¬x ¬E!x]x
6613    by (rule "beta-C-meta"[THEN "→E",
6614              THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
6615       "cqt:2"
6616  also AOT_have   ¬A!x
6617    apply (rule "≡I"; rule "→I")
6618     apply (rule "=dfI"(2)[OF AOT_abstract])
6619      apply "cqt:2[lambda]"
6620     apply argo
6621    apply (rule "=dfE"(2)[OF AOT_abstract])
6622     apply "cqt:2[lambda]"
6623    by argo
6624  finally show ?thesis.
6625qed
6626
6627AOT_theorem "oa-contingent:3": A!x  ¬O!x
6628  by (AOT_subst A!x ¬¬A!x)
6629     (auto simp add: "oth-class-taut:3:b" "oa-contingent:2"[THEN
6630         "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
6631
6632AOT_theorem "oa-contingent:4": Contingent(O!)
6633proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:1", THEN "≡E"(2)];
6634       rule "&I")
6635  AOT_have x E!x using "thm-cont-e:3" .
6636  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
6637  then AOT_obtain a where E!a using "∃E"[rotated] by blast
6638  AOT_hence x E!x]a
6639    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2"
6640  AOT_hence O!a
6641    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2"
6642  AOT_hence x O!x using "∃I" by blast
6643  AOT_thus x O!x using "T◇"[THEN "→E"] by blast
6644next
6645  AOT_obtain a where A!a
6646    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6647  AOT_hence ¬O!a using "oa-contingent:3"[THEN "≡E"(1)] by blast
6648  AOT_hence x ¬O!x using "∃I" by fast
6649  AOT_thus x ¬O!x using "T◇"[THEN "→E"] by blast
6650qed
6651
6652AOT_theorem "oa-contingent:5": Contingent(A!)
6653proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:2", THEN "≡E"(2)];
6654       rule "&I")
6655  AOT_obtain a where A!a
6656    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6657  AOT_hence x A!x using "∃I" by fast
6658  AOT_thus x A!x using "T◇"[THEN "→E"] by blast
6659next
6660  AOT_have x E!x using "thm-cont-e:3" .
6661  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
6662  then AOT_obtain a where E!a using "∃E"[rotated] by blast
6663  AOT_hence x E!x]a
6664    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
6665  AOT_hence O!a
6666    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6667  AOT_hence ¬A!a using "oa-contingent:2"[THEN "≡E"(1)] by blast
6668  AOT_hence x ¬A!x using "∃I" by fast
6669  AOT_thus x ¬A!x using "T◇"[THEN "→E"] by blast
6670qed
6671
6672AOT_theorem "oa-contingent:7": O!-x  ¬A!-x
6673proof -
6674  AOT_have O!x  ¬A!x
6675    using "oa-contingent:2" by blast
6676  also AOT_have   A!-x
6677    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:2"].
6678  finally AOT_have 1: O!x  A!-x.
6679
6680  AOT_have A!x  ¬O!x
6681    using "oa-contingent:3" by blast
6682  also AOT_have   O!-x
6683    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:1"].
6684  finally AOT_have 2: A!x  O!-x.
6685
6686  AOT_show O!-x  ¬A!-x
6687    using 1[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
6688          "oa-contingent:3"[of _ x] 2[symmetric]
6689          "≡E"(5) by blast
6690qed
6691
6692AOT_theorem "oa-contingent:6": O!-  A!-
6693proof (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
6694  AOT_assume 1: O!- = A!-
6695  fix x
6696  AOT_have A!-x  O!-x
6697    apply (rule "rule=E"[rotated, OF 1])
6698    by (fact "oth-class-taut:3:a")
6699  AOT_hence A!-x  ¬A!-x
6700    using "oa-contingent:7" "≡E" by fast
6701  AOT_thus (A!-x  ¬A!-x) & ¬(A!-x  ¬A!-x)
6702    using "oth-class-taut:3:c" "&I" by blast
6703qed
6704
6705AOT_theorem "oa-contingent:8": Contingent(O!-)
6706  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:1", THEN "≡E"(1),
6707          OF "oa-contingent:4"].
6708
6709AOT_theorem "oa-contingent:9": Contingent(A!-)
6710  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:2", THEN "≡E"(1),
6711          OF "oa-contingent:5"].
6712
6713AOT_define WeaklyContingent :: ‹Π  φ› (WeaklyContingent'(_'))
6714  "df-cont-nec":
6715  WeaklyContingent([F]) df Contingent([F]) & x ([F]x  [F]x)
6716
6717AOT_theorem "cont-nec-fact1:1":
6718  WeaklyContingent([F])  WeaklyContingent([F]-)
6719proof -
6720  AOT_have WeaklyContingent([F])  Contingent([F]) & x ([F]x  [F]x)
6721    using "df-cont-nec"[THEN "≡Df"] by blast
6722  also AOT_have ...  Contingent([F]-) & x ([F]x  [F]x)
6723    apply (rule "oth-class-taut:8:f"[THEN "≡E"(2)]; rule "→I")
6724    using "thm-cont-prop:3".
6725  also AOT_have   Contingent([F]-) & x ([F]-x  [F]-x)
6726  proof (rule "oth-class-taut:8:e"[THEN "≡E"(2)];
6727         rule "→I"; rule "≡I"; rule "→I"; rule GEN; rule "→I")
6728    fix x
6729    AOT_assume 0: x ([F]x  [F]x)
6730    AOT_assume 1: [F]-x
6731    AOT_have ¬[F]x
6732      by (AOT_subst (reverse) ¬[F]x [F]-x)
6733         (auto simp add: "thm-relation-negation:1" 1)
6734    AOT_hence 2: ¬[F]x
6735      using "KBasic:11"[THEN "≡E"(2)] by blast
6736    AOT_show [F]-x
6737    proof (rule "raa-cor:1")
6738      AOT_assume 3: ¬[F]-x
6739      AOT_have ¬¬[F]x
6740        by (AOT_subst (reverse) ¬[F]x [F]-x)
6741           (auto simp add: "thm-relation-negation:1" 3)
6742      AOT_hence [F]x
6743        using "conventions:5"[THEN "≡dfI"] by simp
6744      AOT_hence [F]x using 0 "∀E" "→E" by fast
6745      AOT_thus [F]x & ¬[F]x using "&I" 2 by blast
6746    qed
6747  next
6748    fix x
6749    AOT_assume 0: x ([F]-x  [F]-x)
6750    AOT_assume 1: [F]x
6751    AOT_have ¬[F]-x
6752      by (AOT_subst ¬[F]-x [F]x)
6753         (auto simp: "thm-relation-negation:2" 1)
6754    AOT_hence 2: ¬[F]-x
6755      using "KBasic:11"[THEN "≡E"(2)] by blast
6756    AOT_show [F]x
6757    proof (rule "raa-cor:1")
6758      AOT_assume 3: ¬[F]x
6759      AOT_have ¬¬[F]-x
6760        by (AOT_subst ¬[F]-x [F]x)
6761           (auto simp add: "thm-relation-negation:2" 3)
6762      AOT_hence [F]-x
6763        using "conventions:5"[THEN "≡dfI"] by simp
6764      AOT_hence [F]-x using 0 "∀E" "→E" by fast
6765      AOT_thus [F]-x & ¬[F]-x using "&I" 2 by blast
6766    qed
6767  qed
6768  also AOT_have   WeaklyContingent([F]-)
6769    using "df-cont-nec"[THEN "≡Df", symmetric] by blast
6770  finally show ?thesis.
6771qed
6772
6773AOT_theorem "cont-nec-fact1:2":
6774  (WeaklyContingent([F]) & ¬WeaklyContingent([G]))  F  G
6775proof (rule "→I"; rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
6776  AOT_assume 1: WeaklyContingent([F]) & ¬WeaklyContingent([G])
6777  AOT_hence WeaklyContingent([F]) using "&E" by blast
6778  moreover AOT_assume F = G
6779  ultimately AOT_have WeaklyContingent([G])
6780    using "rule=E" by blast
6781  AOT_thus WeaklyContingent([G]) & ¬WeaklyContingent([G])
6782    using 1 "&I" "&E" by blast
6783qed
6784
6785AOT_theorem "cont-nec-fact2:1": WeaklyContingent(O!)
6786proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
6787  AOT_show Contingent(O!)
6788    using "oa-contingent:4".
6789next
6790  AOT_show x ([O!]x  [O!]x)
6791    apply (rule GEN; rule "→I")
6792    using "oa-facts:5"[THEN "≡E"(1)] by blast
6793qed
6794
6795
6796AOT_theorem "cont-nec-fact2:2": WeaklyContingent(A!)
6797proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
6798  AOT_show Contingent(A!)
6799    using "oa-contingent:5".
6800next
6801  AOT_show x ([A!]x  [A!]x)
6802    apply (rule GEN; rule "→I")
6803    using "oa-facts:6"[THEN "≡E"(1)] by blast
6804qed
6805
6806AOT_theorem "cont-nec-fact2:3": ¬WeaklyContingent(E!)
6807proof (rule "df-cont-nec"[THEN "≡Df",
6808                          THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6809                          THEN "≡E"(2)];
6810       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "raa-cor:2")
6811  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst].
6812  AOT_hence x (E!x & ¬𝒜E!x) using "BF◇"[THEN "→E"] by blast
6813  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
6814  AOT_hence 1: E!a & ¬𝒜E!a using "KBasic2:3"[THEN "→E"] by simp
6815  moreover AOT_assume x ([E!]x  [E!]x)
6816  ultimately AOT_have E!a using "&E" "∀E" "→E" by fast
6817  AOT_hence 𝒜E!a using "nec-imp-act"[THEN "→E"] by blast
6818  AOT_hence 𝒜E!a using "qml-act:1"[axiom_inst, THEN "→E"] by blast
6819  moreover AOT_have ¬𝒜E!a
6820    using "KBasic:11"[THEN "≡E"(2)] 1[THEN "&E"(2)] by meson
6821  ultimately AOT_have 𝒜E!a & ¬𝒜E!a using "&I" by blast
6822  AOT_thus p & ¬p for p using "raa-cor:1" by blast
6823qed
6824
6825AOT_theorem "cont-nec-fact2:4": ¬WeaklyContingent(L)
6826  apply (rule "df-cont-nec"[THEN "≡Df",
6827                            THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6828                            THEN "≡E"(2)];
6829       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(1))
6830  apply (rule "contingent-properties:4"
6831                [THEN "≡Df",
6832                 THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6833                 THEN "≡E"(2)])
6834  apply (rule DeMorgan(1)[THEN "≡E"(2)];
6835         rule "∨I"(2);
6836         rule "useful-tautologies:2"[THEN "→E"])
6837  using "thm-noncont-e-e:3"[THEN "contingent-properties:3"[THEN "≡dfE"]].
6838
6839AOT_theorem "cont-nec-fact2:5": O!  E! & O!  E!- & O!  L & O!  L-
6840proof -
6841  AOT_have 1: L
6842    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6843  {
6844    fix φ and Π Π' :: <κ>
6845    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
6846    proof (rule "raa-cor:2")
6847      AOT_assume φ{Π'}  φ{Π}
6848      AOT_hence φ{Π'} using that(1) "≡E" by blast
6849      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
6850    qed
6851    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
6852      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E",
6853                                 OF that(1,2), OF A[OF that(3, 4)]].
6854  } note 0 = this
6855  show ?thesis
6856    apply(safe intro!: "&I"; rule 0)
6857    using "cqt:2[concrete]"[axiom_inst] apply blast
6858    using "oa-exist:1" apply blast
6859    using "cont-nec-fact2:3" apply fast
6860    apply (rule "useful-tautologies:2"[THEN "→E"])
6861    using "cont-nec-fact2:1" apply fast
6862    using "rel-neg-T:3" apply fast
6863    using "oa-exist:1" apply blast
6864    using "cont-nec-fact1:1"[unvarify F,
6865            THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6866            THEN "≡E"(1), rotated, OF "cont-nec-fact2:3",
6867            OF "cqt:2[concrete]"[axiom_inst]] apply fast
6868    apply (rule "useful-tautologies:2"[THEN "→E"])
6869    using "cont-nec-fact2:1" apply blast
6870    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6871    using "oa-exist:1" apply fast
6872    using "cont-nec-fact2:4" apply fast
6873    apply (rule "useful-tautologies:2"[THEN "→E"])
6874    using "cont-nec-fact2:1" apply fast
6875    using "rel-neg-T:3" apply fast
6876    using "oa-exist:1" apply fast
6877     apply (rule "cont-nec-fact1:1"[unvarify F,
6878                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6879                    THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
6880    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6881    apply (rule "useful-tautologies:2"[THEN "→E"])
6882    using "cont-nec-fact2:1" by blast
6883qed
6884
6885AOT_theorem "cont-nec-fact2:6": A!  E! & A!  E!- & A!  L & A!  L-
6886proof -
6887  AOT_have 1: L
6888    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6889  {
6890    fix φ and Π Π' :: <κ>
6891    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
6892    proof (rule "raa-cor:2")
6893      AOT_assume φ{Π'}  φ{Π}
6894      AOT_hence φ{Π'} using that(1) "≡E" by blast
6895      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
6896    qed
6897    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
6898      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E",
6899              OF that(1,2), OF A[OF that(3, 4)]].
6900  } note 0 = this
6901  show ?thesis
6902    apply(safe intro!: "&I"; rule 0)
6903    using "cqt:2[concrete]"[axiom_inst] apply blast
6904    using "oa-exist:2" apply blast
6905    using "cont-nec-fact2:3" apply fast
6906    apply (rule "useful-tautologies:2"[THEN "→E"])
6907    using "cont-nec-fact2:2" apply fast
6908    using "rel-neg-T:3" apply fast
6909    using "oa-exist:2" apply blast
6910    using "cont-nec-fact1:1"[unvarify F,
6911            THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1),
6912            rotated, OF "cont-nec-fact2:3",
6913            OF "cqt:2[concrete]"[axiom_inst]] apply fast
6914    apply (rule "useful-tautologies:2"[THEN "→E"])
6915    using "cont-nec-fact2:2" apply blast
6916    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6917    using "oa-exist:2" apply fast
6918    using "cont-nec-fact2:4" apply fast
6919    apply (rule "useful-tautologies:2"[THEN "→E"])
6920    using "cont-nec-fact2:2" apply fast
6921    using "rel-neg-T:3" apply fast
6922    using "oa-exist:2" apply fast
6923     apply (rule "cont-nec-fact1:1"[unvarify F,
6924              THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6925              THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
6926     apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6927    apply (rule "useful-tautologies:2"[THEN "→E"])
6928    using "cont-nec-fact2:2" by blast
6929qed
6930
6931AOT_define necessary_or_contingently_false :: ‹φ  φ› ("Δ_" [49] 54)
6932  Δp df p  (¬𝒜p & p)
6933
6934AOT_theorem sixteen:
6935 shows F1F2F3F4F5F6F7F8F9F10F11F12F13F14F15F16 (
6936  «F1::<κ>»  F2 & F1  F3 & F1  F4 & F1  F5 & F1  F6 & F1  F7 &
6937    F1  F8 & F1  F9 & F1  F10 & F1  F11 & F1  F12 & F1  F13 &
6938    F1  F14 & F1  F15 & F1  F16 &
6939  F2  F3 & F2  F4 & F2  F5 & F2  F6 & F2  F7 & F2  F8 &
6940    F2  F9 & F2  F10 & F2  F11 & F2  F12 & F2  F13 & F2  F14 &
6941    F2  F15 & F2  F16 &
6942  F3  F4 & F3  F5 & F3  F6 & F3  F7 & F3  F8 & F3  F9 & F3  F10 &
6943    F3  F11 & F3  F12 & F3  F13 & F3  F14 & F3  F15 & F3  F16 &
6944  F4  F5 & F4  F6 & F4  F7 & F4  F8 & F4  F9 & F4  F10 & F4  F11 &
6945    F4  F12 & F4  F13 & F4  F14 & F4  F15 & F4  F16 &
6946  F5  F6 & F5  F7 & F5  F8 & F5  F9 & F5  F10 & F5  F11 & F5  F12 &
6947    F5  F13 & F5  F14 & F5  F15 & F5  F16 &
6948  F6  F7 & F6  F8 & F6  F9 & F6  F10 & F6  F11 & F6  F12 & F6  F13 &
6949    F6  F14 & F6  F15 & F6  F16 &
6950  F7  F8 & F7  F9 & F7  F10 & F7  F11 & F7  F12 & F7  F13 & F7  F14 &
6951    F7  F15 & F7  F16 &
6952  F8  F9 & F8  F10 & F8  F11 & F8  F12 & F8  F13 & F8  F14 & F8  F15 &
6953    F8  F16 &
6954  F9  F10 & F9  F11 & F9  F12 & F9  F13 & F9  F14 & F9  F15 & F9  F16 &
6955  F10  F11 & F10  F12 & F10  F13 & F10  F14 & F10  F15 & F10  F16 &
6956  F11  F12 & F11  F13 & F11  F14 & F11  F15 & F11  F16 &
6957  F12  F13 & F12  F14 & F12  F15 & F12  F16 &
6958  F13  F14 & F13  F15 & F13  F16 &
6959  F14  F15 & F14  F16 &
6960  F15  F16) 
6961proof -
6962  AOT_have Delta_pos: Δφ  φ for φ
6963  proof(rule "→I")
6964    AOT_assume Δφ
6965    AOT_hence φ  (¬𝒜φ & φ)
6966      using "≡dfE"[OF necessary_or_contingently_false] by blast
6967    moreover {
6968      AOT_assume φ
6969      AOT_hence φ
6970        by (metis "B◇" "T◇" "vdash-properties:10")
6971    }
6972    moreover {
6973      AOT_assume ¬𝒜φ & φ
6974      AOT_hence φ
6975        using "&E" by blast
6976    }
6977    ultimately AOT_show φ
6978      by (metis "∨E"(2) "raa-cor:1") 
6979  qed
6980
6981  AOT_have act_and_not_nec_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
6982    using "≡dfE" "&E"(1) "∨E"(2) necessary_or_contingently_false
6983          "raa-cor:3" that(1,2) by blast
6984  AOT_have act_and_pos_not_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
6985    using "KBasic:11" act_and_not_nec_not_delta "≡E"(2) that(1,2) by blast
6986  AOT_have impossible_delta: ¬Δφ if ¬φ for φ
6987    using Delta_pos "modus-tollens:1" that by blast
6988  AOT_have not_act_and_pos_delta: Δφ if ¬𝒜φ and φ for φ
6989    by (meson "≡dfI" "&I" "∨I"(2) necessary_or_contingently_false that(1,2))
6990  AOT_have nec_delta: Δφ if φ for φ
6991    using "≡dfI" "∨I"(1) necessary_or_contingently_false that by blast
6992
6993  AOT_obtain a where a_prop: A!a
6994    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6995  AOT_obtain b where b_prop: [E!]b & ¬𝒜[E!]b
6996    using "pos-not-pna:3" using "∃E"[rotated] by blast
6997
6998  AOT_have b_ord: [O!]b
6999  proof(rule "=dfI"(2)[OF AOT_ordinary])
7000    AOT_show x [E!]x] by "cqt:2[lambda]"
7001  next
7002    AOT_show x [E!]x]b
7003    proof (rule "β←C"(1); ("cqt:2[lambda]")?)
7004      AOT_show b by (rule "cqt:2[const_var]"[axiom_inst])
7005      AOT_show [E!]b by (fact b_prop[THEN "&E"(1)])
7006    qed
7007  qed
7008
7009  AOT_have nec_not_L_neg: ¬[L-]x for x
7010    using "thm-noncont-e-e:2" "contingent-properties:2"[THEN "≡dfE"] "&E"
7011          CBF[THEN "→E"] "∀E" by blast
7012  AOT_have nec_L: [L]x for x
7013    using "thm-noncont-e-e:1" "contingent-properties:1"[THEN "≡dfE"]
7014      CBF[THEN "→E"] "∀E" by blast
7015
7016  AOT_have act_ord_b: 𝒜[O!]b
7017    using b_ord "≡E"(1) "oa-facts:7" by blast
7018  AOT_have delta_ord_b: Δ[O!]b
7019    by (meson "≡dfI" b_ord "∨I"(1) necessary_or_contingently_false
7020              "oa-facts:1" "→E")
7021  AOT_have not_act_ord_a: ¬𝒜[O!]a
7022    by (meson a_prop "≡E"(1) "≡E"(3) "oa-contingent:3" "oa-facts:7")
7023  AOT_have not_delta_ord_a: ¬Δ[O!]a
7024    by (metis Delta_pos "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7"
7025              "reductio-aa:1" "→E")
7026
7027  AOT_have not_act_abs_b: ¬𝒜[A!]b
7028    by (meson b_ord "≡E"(1) "≡E"(3) "oa-contingent:2" "oa-facts:8")
7029  AOT_have not_delta_abs_b: ¬Δ[A!]b
7030  proof(rule "raa-cor:2")
7031    AOT_assume Δ[A!]b
7032    AOT_hence [A!]b
7033      by (metis Delta_pos "vdash-properties:10")
7034    AOT_thus [A!]b & ¬[A!]b
7035      by (metis b_ord "&I" "≡E"(1) "oa-contingent:2"
7036                "oa-facts:4" "→E")
7037  qed
7038  AOT_have act_abs_a: 𝒜[A!]a
7039    using a_prop "≡E"(1) "oa-facts:8" by blast
7040  AOT_have delta_abs_a: Δ[A!]a
7041    by (metis "≡dfI" a_prop "oa-facts:2" "→E" "∨I"(1)
7042              necessary_or_contingently_false)
7043
7044  AOT_have not_act_concrete_b: ¬𝒜[E!]b
7045    using b_prop "&E"(2) by blast
7046  AOT_have delta_concrete_b: Δ[E!]b
7047  proof (rule "≡dfI"[OF necessary_or_contingently_false];
7048         rule "∨I"(2); rule "&I")
7049    AOT_show ¬𝒜[E!]b using b_prop "&E"(2) by blast
7050  next
7051    AOT_show [E!]b using b_prop "&E"(1) by blast
7052  qed
7053  AOT_have not_act_concrete_a: ¬𝒜[E!]a
7054  proof (rule "raa-cor:2")
7055    AOT_assume 𝒜[E!]a
7056    AOT_hence 1: [E!]a by (metis "Act-Sub:3" "→E")
7057    AOT_have [A!]a by (simp add: a_prop)
7058    AOT_hence x ¬[E!]x]a
7059      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2"
7060    AOT_hence ¬[E!]a using "β→C"(1) by blast
7061    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
7062  qed
7063  AOT_have not_delta_concrete_a: ¬Δ[E!]a
7064  proof (rule "raa-cor:2")
7065    AOT_assume Δ[E!]a
7066    AOT_hence 1: [E!]a by (metis Delta_pos "vdash-properties:10")
7067    AOT_have [A!]a by (simp add: a_prop)
7068    AOT_hence x ¬[E!]x]a
7069      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
7070    AOT_hence ¬[E!]a using "β→C"(1) by blast
7071    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
7072  qed
7073
7074  AOT_have not_act_q_zero: ¬𝒜q0
7075    by (meson "log-prop-prop:2" "pos-not-pna:1"
7076              q0_def "reductio-aa:1" "rule-id-df:2:a[zero]")
7077  AOT_have delta_q_zero: Δq0
7078  proof(rule "≡dfI"[OF necessary_or_contingently_false];
7079        rule "∨I"(2); rule "&I")
7080    AOT_show ¬𝒜q0 using not_act_q_zero.
7081    AOT_show q0 by (meson "&E"(1) q0_prop)
7082  qed
7083  AOT_have act_not_q_zero: 𝒜¬q0
7084    using "Act-Basic:1" "∨E"(2) not_act_q_zero by blast
7085  AOT_have not_delta_not_q_zero: ¬Δ¬q0
7086    using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta
7087          "&E"(1) "∨E"(2) not_act_q_zero q0_prop by blast
7088
7089  AOT_have [L-] by (simp add: "rel-neg-T:3")
7090  moreover AOT_have ¬𝒜[L-]b & ¬Δ[L-]b & ¬𝒜[L-]a & ¬Δ[L-]a
7091  proof (safe intro!: "&I")
7092    AOT_show ¬𝒜[L-]b
7093      by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act"
7094                nec_not_L_neg "→E")
7095    AOT_show ¬Δ[L-]b
7096      by (meson Delta_pos "KBasic2:1" "≡E"(1)
7097                "modus-tollens:1" nec_not_L_neg)
7098    AOT_show ¬𝒜[L-]a
7099      by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst]
7100                "nec-imp-act" nec_not_L_neg "→E")
7101    AOT_show ¬Δ[L-]a
7102      using Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1"
7103            nec_not_L_neg by blast
7104  qed
7105  ultimately AOT_obtain F0 where ¬𝒜[F0]b & ¬Δ[F0]b & ¬𝒜[F0]a & ¬Δ[F0]a
7106    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7107  AOT_hence ¬𝒜[F0]b and ¬Δ[F0]b and ¬𝒜[F0]a and ¬Δ[F0]a
7108    using "&E" by blast+
7109  note props = this
7110
7111  let  = "«y [A!]y & q0]»"
7112  AOT_modally_strict {
7113    AOT_have [«»] by "cqt:2[lambda]"
7114  } note 1 = this
7115  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7116  proof (safe intro!: "&I"; AOT_subst y A!y & q0]x A!x & q0 for: x)
7117    AOT_show ¬𝒜([A!]b & q0)
7118      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
7119  next AOT_show ¬Δ([A!]b & q0)
7120      by (metis Delta_pos "KBasic2:3" "&E"(1) "≡E"(4) not_act_abs_b
7121                "oa-facts:4" "oa-facts:8" "raa-cor:3" "→E")
7122  next AOT_show ¬𝒜([A!]a & q0)
7123      using "Act-Basic:2" "&E"(2) "≡E"(1) not_act_q_zero
7124            "raa-cor:3" by blast
7125  next AOT_show Δ([A!]a & q0)
7126    proof (rule not_act_and_pos_delta)
7127      AOT_show ¬𝒜([A!]a & q0)
7128        using "Act-Basic:2" "&E"(2) "≡E"(4) not_act_q_zero
7129              "raa-cor:3" by blast
7130    next AOT_show ([A!]a & q0)
7131        by (metis "&I" "→E" Delta_pos "KBasic:16" "&E"(1) delta_abs_a
7132                  "≡E"(1) "oa-facts:6" q0_prop)
7133    qed
7134  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7135  ultimately AOT_obtain F1 where ¬𝒜[F1]b & ¬Δ[F1]b & ¬𝒜[F1]a & Δ[F1]a
7136    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7137  AOT_hence ¬𝒜[F1]b and ¬Δ[F1]b and ¬𝒜[F1]a and Δ[F1]a
7138    using "&E" by blast+
7139  note props = props this
7140
7141  let  = "«y [A!]y & ¬q0]»"
7142  AOT_modally_strict {
7143    AOT_have [«»] by "cqt:2[lambda]"
7144  } note 1 = this
7145  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7146  proof (safe intro!: "&I"; AOT_subst y A!y & ¬q0]x A!x & ¬q0 for: x)
7147    AOT_show ¬𝒜([A!]b & ¬q0)
7148      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
7149  next AOT_show ¬Δ([A!]b & ¬q0)
7150      by (meson "RM◇" Delta_pos "Conjunction Simplification"(1) "≡E"(4)
7151                "modus-tollens:1" not_act_abs_b "oa-facts:4" "oa-facts:8")
7152  next AOT_show 𝒜([A!]a & ¬q0)
7153      by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2)
7154                "≡E"(3) not_act_q_zero "raa-cor:3")
7155  next AOT_show ¬Δ([A!]a & ¬q0)
7156    proof (rule act_and_not_nec_not_delta)
7157      AOT_show 𝒜([A!]a & ¬q0)
7158        by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2)
7159                  "≡E"(3) not_act_q_zero "raa-cor:3")
7160    next
7161      AOT_show ¬([A!]a & ¬q0)
7162        by (metis "KBasic2:1" "KBasic:3" "&E"(1) "&E"(2) "≡E"(4)
7163                  q0_prop "raa-cor:3")
7164    qed
7165  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7166  ultimately AOT_obtain F2 where ¬𝒜[F2]b & ¬Δ[F2]b & 𝒜[F2]a & ¬Δ[F2]a
7167    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7168  AOT_hence ¬𝒜[F2]b and ¬Δ[F2]b and 𝒜[F2]a and ¬Δ[F2]a
7169    using "&E" by blast+
7170  note props = props this
7171
7172  AOT_have abstract_prop: ¬𝒜[A!]b & ¬Δ[A!]b & 𝒜[A!]a & Δ[A!]a
7173    using act_abs_a "&I" delta_abs_a not_act_abs_b not_delta_abs_b
7174    by presburger
7175  then AOT_obtain F3 where ¬𝒜[F3]b & ¬Δ[F3]b & 𝒜[F3]a & Δ[F3]a
7176    using "∃I"(1)[rotated, THEN "∃E"[rotated]] "oa-exist:2" by fastforce
7177  AOT_hence ¬𝒜[F3]b and ¬Δ[F3]b and 𝒜[F3]a and Δ[F3]a
7178    using "&E" by blast+
7179  note props = props this
7180
7181  AOT_have ¬𝒜[E!]b & Δ[E!]b & ¬𝒜[E!]a & ¬Δ[E!]a
7182    by (meson "&I" delta_concrete_b not_act_concrete_a
7183              not_act_concrete_b not_delta_concrete_a)
7184  then AOT_obtain F4 where ¬𝒜[F4]b & Δ[F4]b & ¬𝒜[F4]a & ¬Δ[F4]a
7185    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]]
7186    by fastforce
7187  AOT_hence ¬𝒜[F4]b and Δ[F4]b and ¬𝒜[F4]a and ¬Δ[F4]a
7188    using "&E" by blast+
7189  note props = props this
7190
7191  AOT_modally_strict {
7192    AOT_have y q0] by "cqt:2[lambda]"
7193  } note 1 = this
7194  moreover AOT_have ¬𝒜y q0]b & Δy q0]b & ¬𝒜y q0]a & Δy q0]a
7195    by (safe intro!: "&I"; AOT_subst y q0]b q0 for: b)
7196       (auto simp: not_act_q_zero delta_q_zero  "beta-C-meta"[THEN "→E", OF 1])
7197  ultimately AOT_obtain F5 where ¬𝒜[F5]b & Δ[F5]b & ¬𝒜[F5]a & Δ[F5]a
7198    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]]
7199    by fastforce
7200  AOT_hence ¬𝒜[F5]b and Δ[F5]b and ¬𝒜[F5]a and Δ[F5]a
7201    using "&E" by blast+
7202  note props = props this
7203
7204  let  = "«y [E!]y  ([A!]y & ¬q0)]»"
7205  AOT_modally_strict {
7206    AOT_have [«»] by "cqt:2[lambda]"
7207  } note 1 = this
7208  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7209  proof(safe intro!: "&I";
7210        AOT_subst y E!y  (A!y & ¬q0)]x E!x  (A!x & ¬q0) for: x)
7211    AOT_have 𝒜¬([A!]b & ¬q0)
7212      by (metis "Act-Basic:1" "Act-Basic:2" abstract_prop "&E"(1) "∨E"(2)
7213                "≡E"(1) "raa-cor:3")
7214    moreover AOT_have ¬𝒜[E!]b
7215      using b_prop "&E"(2) by blast
7216    ultimately AOT_have 2: 𝒜(¬[E!]b & ¬([A!]b & ¬q0))
7217      by (metis "Act-Basic:2" "Act-Sub:1" "&I" "≡E"(3) "raa-cor:1")
7218    AOT_have 𝒜¬([E!]b  ([A!]b & ¬q0))
7219      by (AOT_subst ¬([E!]b  ([A!]b & ¬q0)) ¬[E!]b & ¬([A!]b & ¬q0))
7220         (auto simp: "oth-class-taut:5:d" 2)
7221    AOT_thus ¬𝒜([E!]b  ([A!]b & ¬q0))
7222      by (metis "¬¬I" "Act-Sub:1" "≡E"(4))
7223  next
7224    AOT_show Δ([E!]b  ([A!]b & ¬q0))
7225    proof (rule not_act_and_pos_delta)
7226      AOT_show ¬𝒜([E!]b  ([A!]b & ¬q0))
7227        by (metis "Act-Basic:2" "Act-Basic:9" "∨E"(2) "raa-cor:3"
7228                  "Conjunction Simplification"(1) "≡E"(4)
7229                  "modus-tollens:1" not_act_abs_b not_act_concrete_b)
7230    next
7231      AOT_show ([E!]b  ([A!]b & ¬q0))
7232        using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
7233    qed
7234  next AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
7235      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I"
7236                "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
7237  next AOT_show ¬Δ([E!]a  ([A!]a & ¬q0))
7238    proof (rule act_and_not_nec_not_delta)
7239      AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
7240        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I"
7241                  "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
7242    next
7243      AOT_have ¬[E!]a
7244        by (metis "≡dfI" "conventions:5" "&I" "∨I"(2)
7245                  necessary_or_contingently_false
7246                  not_act_concrete_a not_delta_concrete_a "raa-cor:3")
7247      moreover AOT_have ¬([A!]a & ¬q0)
7248        by (metis "KBasic2:1" "KBasic:11" "KBasic:3"
7249                  "&E"(1,2) "≡E"(1) q0_prop "raa-cor:3")
7250      ultimately AOT_have (¬[E!]a & ¬([A!]a & ¬q0))
7251        by (metis "KBasic:16" "&I" "vdash-properties:10")
7252      AOT_hence ¬([E!]a  ([A!]a & ¬q0))
7253        by (metis "RE◇" "≡E"(2) "oth-class-taut:5:d")
7254      AOT_thus ¬([E!]a  ([A!]a & ¬q0))
7255        by (metis "KBasic:12" "≡E"(1) "raa-cor:3")
7256    qed
7257  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7258  ultimately AOT_obtain F6 where ¬𝒜[F6]b & Δ[F6]b & 𝒜[F6]a & ¬Δ[F6]a
7259    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7260  AOT_hence ¬𝒜[F6]b and Δ[F6]b and 𝒜[F6]a and ¬Δ[F6]a
7261    using "&E" by blast+
7262  note props = props this
7263
7264  let  = "«y [A!]y  [E!]y]»"
7265  AOT_modally_strict {
7266    AOT_have [«»] by "cqt:2[lambda]"
7267  } note 1 = this
7268  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & Δ[«»]a
7269  proof(safe intro!: "&I"; AOT_subst y A!y  E!y]x A!x  E!x for: x)
7270    AOT_show ¬𝒜([A!]b  [E!]b)
7271      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b
7272            not_act_concrete_b "raa-cor:3" by blast
7273  next AOT_show Δ([A!]b  [E!]b)
7274    proof (rule not_act_and_pos_delta)
7275      AOT_show ¬𝒜([A!]b  [E!]b)
7276        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b
7277              not_act_concrete_b "raa-cor:3" by blast
7278    next AOT_show ([A!]b  [E!]b)
7279        using "KBasic2:2" b_prop "&E"(1) "∨I"(2) "≡E"(2) by blast
7280    qed
7281  next AOT_show 𝒜([A!]a  [E!]a)
7282      by (meson "Act-Basic:9" act_abs_a "∨I"(1) "≡E"(2))
7283  next AOT_show Δ([A!]a  [E!]a)
7284    proof (rule nec_delta)
7285      AOT_show ([A!]a  [E!]a)
7286        by (metis "KBasic:15" act_abs_a act_and_not_nec_not_delta
7287                  "Disjunction Addition"(1) delta_abs_a "raa-cor:3" "→E")
7288    qed
7289  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7290  ultimately AOT_obtain F7 where ¬𝒜[F7]b & Δ[F7]b & 𝒜[F7]a & Δ[F7]a
7291    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7292  AOT_hence ¬𝒜[F7]b and Δ[F7]b and 𝒜[F7]a and Δ[F7]a
7293    using "&E" by blast+
7294  note props = props this
7295
7296  let  = "«y [O!]y & ¬[E!]y]»"
7297  AOT_modally_strict {
7298    AOT_have [«»] by "cqt:2[lambda]"
7299  } note 1 = this
7300  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & ¬Δ[«»]a
7301  proof(safe intro!: "&I"; AOT_subst y O!y & ¬E!y]x O!x & ¬E!x for: x)
7302    AOT_show 𝒜([O!]b & ¬[E!]b)
7303      by (metis "Act-Basic:1" "Act-Basic:2" act_ord_b "&I" "∨E"(2)
7304                "≡E"(3) not_act_concrete_b "raa-cor:3")
7305  next AOT_show ¬Δ([O!]b & ¬[E!]b)
7306      by (metis (no_types, hide_lams) "conventions:5" "Act-Sub:1" "RM:1"
7307                act_and_not_nec_not_delta "act-conj-act:3"
7308                act_ord_b b_prop "&I" "&E"(1) "Conjunction Simplification"(2)
7309                "df-rules-formulas[3]"
7310                "≡E"(3) "raa-cor:1" "→E")
7311  next AOT_show ¬𝒜([O!]a & ¬[E!]a)
7312      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_ord_a "raa-cor:3" by blast
7313  next AOT_have ¬([O!]a & ¬[E!]a)
7314      by (metis "KBasic2:3" "&E"(1) "≡E"(4) not_act_ord_a "oa-facts:3"
7315                "oa-facts:7" "raa-cor:3" "vdash-properties:10")
7316    AOT_thus ¬Δ([O!]a & ¬[E!]a)
7317      by (rule impossible_delta)
7318  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7319  ultimately AOT_obtain F8 where 𝒜[F8]b & ¬Δ[F8]b & ¬𝒜[F8]a & ¬Δ[F8]a
7320    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7321  AOT_hence 𝒜[F8]b and ¬Δ[F8]b and ¬𝒜[F8]a and ¬Δ[F8]a
7322    using "&E" by blast+
7323  note props = props this
7324
7325  let  = "«y ¬[E!]y & ([O!]y  q0)]»"
7326  AOT_modally_strict {
7327    AOT_have [«»] by "cqt:2[lambda]"
7328  } note 1 = this
7329  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7330  proof(safe intro!: "&I";
7331        AOT_subst y ¬E!y & (O!y  q0)]x ¬E!x & (O!x  q0) for: x)
7332    AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
7333      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I"
7334                "∨I"(1) "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
7335  next AOT_show ¬Δ(¬[E!]b & ([O!]b  q0))
7336    proof (rule act_and_pos_not_not_delta)
7337      AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
7338        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I"
7339                  "∨I"(1) "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
7340    next
7341      AOT_show ¬(¬[E!]b & ([O!]b  q0))
7342      proof (AOT_subst ¬(¬[E!]b & ([O!]b  q0)) [E!]b  ¬([O!]b  q0))
7343        AOT_modally_strict {
7344          AOT_show ¬(¬[E!]b & ([O!]b  q0))  [E!]b  ¬([O!]b  q0)
7345            by (metis "&I" "&E"(1,2) "∨I"(1,2) "∨E"(2)
7346                      "→I" "≡I" "reductio-aa:1")
7347        }
7348      next
7349        AOT_show ([E!]b  ¬([O!]b  q0))
7350          using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3)
7351                "raa-cor:3" by blast
7352       qed
7353     qed
7354   next
7355     AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
7356       using "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1)
7357             not_act_ord_a not_act_q_zero "reductio-aa:2" by blast
7358   next
7359     AOT_show Δ(¬[E!]a & ([O!]a  q0))
7360     proof (rule not_act_and_pos_delta)
7361       AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
7362         by (metis "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1)
7363                   not_act_ord_a not_act_q_zero "reductio-aa:2")
7364     next
7365       AOT_have ¬[E!]a
7366         using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_concrete_a
7367               not_delta_concrete_a "raa-cor:5" by blast
7368       moreover AOT_have ([O!]a  q0)
7369         by (metis "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(3) q0_prop "raa-cor:3")
7370       ultimately AOT_show (¬[E!]a & ([O!]a  q0))
7371         by (metis "KBasic:16" "&I" "vdash-properties:10")
7372     qed
7373   qed(auto simp:  "beta-C-meta"[THEN "→E", OF 1])
7374  ultimately AOT_obtain F9 where 𝒜[F9]b & ¬Δ[F9]b & ¬𝒜[F9]a & Δ[F9]a
7375    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7376  AOT_hence 𝒜[F9]b and ¬Δ[F9]b and ¬𝒜[F9]a and Δ[F9]a
7377    using "&E" by blast+
7378  note props = props this
7379
7380  AOT_modally_strict {
7381    AOT_have y ¬q0] by "cqt:2[lambda]"
7382  } note 1 = this
7383  moreover AOT_have 𝒜y ¬q0]b & ¬Δy ¬q0]b & 𝒜y ¬q0]a & ¬Δy ¬q0]a
7384    by (safe intro!: "&I"; AOT_subst y ¬q0]x ¬q0 for: x)
7385       (auto simp: act_not_q_zero not_delta_not_q_zero
7386                   "beta-C-meta"[THEN "→E", OF 1])
7387  ultimately AOT_obtain F10 where 𝒜[F10]b & ¬Δ[F10]b & 𝒜[F10]a & ¬Δ[F10]a
7388    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7389  AOT_hence 𝒜[F10]b and ¬Δ[F10]b and 𝒜[F10]a and ¬Δ[F10]a
7390    using "&E" by blast+
7391  note props = props this
7392
7393  AOT_modally_strict {
7394    AOT_have y ¬[E!]y] by "cqt:2[lambda]"
7395  } note 1 = this
7396  moreover AOT_have 𝒜y ¬[E!]y]b & ¬Δy ¬[E!]y]b &
7397                     𝒜y ¬[E!]y]a & Δy ¬[E!]y]a
7398  proof (safe intro!: "&I"; AOT_subst y ¬[E!]y]x ¬[E!]x for: x)
7399    AOT_show 𝒜¬[E!]b
7400      using "Act-Basic:1" "∨E"(2) not_act_concrete_b by blast
7401  next AOT_show ¬Δ¬[E!]b
7402      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta
7403            b_prop "&E"(1) "∨E"(2) not_act_concrete_b by blast
7404  next AOT_show 𝒜¬[E!]a
7405      using "Act-Basic:1" "∨E"(2) not_act_concrete_a by blast
7406  next AOT_show Δ¬[E!]a
7407      using "KBasic2:1" "≡E"(2) nec_delta not_act_and_pos_delta
7408            not_act_concrete_a not_delta_concrete_a "reductio-aa:1"
7409      by blast
7410  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7411  ultimately AOT_obtain F11 where 𝒜[F11]b & ¬Δ[F11]b & 𝒜[F11]a & Δ[F11]a
7412    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7413  AOT_hence 𝒜[F11]b and ¬Δ[F11]b and 𝒜[F11]a and Δ[F11]a
7414    using "&E" by blast+
7415  note props = props this
7416
7417  AOT_have 𝒜[O!]b & Δ[O!]b & ¬𝒜[O!]a & ¬Δ[O!]a
7418    by (simp add: act_ord_b "&I" delta_ord_b not_act_ord_a not_delta_ord_a)
7419  then AOT_obtain F12 where 𝒜[F12]b & Δ[F12]b & ¬𝒜[F12]a & ¬Δ[F12]a
7420    using "oa-exist:1" "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7421  AOT_hence 𝒜[F12]b and Δ[F12]b and ¬𝒜[F12]a and ¬Δ[F12]a
7422    using "&E" by blast+
7423  note props = props this
7424
7425  let  = "«y [O!]y  q0]»"
7426  AOT_modally_strict {
7427    AOT_have [«»] by "cqt:2[lambda]"
7428  } note 1 = this
7429  moreover AOT_have 𝒜[«»]b & Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7430  proof (safe intro!: "&I"; AOT_subst y O!y  q0]x O!x  q0 for: x)
7431    AOT_show 𝒜([O!]b  q0)
7432      by (meson "Act-Basic:9" act_ord_b "∨I"(1) "≡E"(2))
7433  next AOT_show Δ([O!]b  q0)
7434      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "→E")
7435  next AOT_show ¬𝒜([O!]a  q0)
7436      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a
7437            not_act_q_zero "raa-cor:3" by blast
7438  next AOT_show Δ([O!]a  q0)
7439    proof (rule not_act_and_pos_delta)
7440      AOT_show ¬𝒜([O!]a  q0)
7441        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a
7442              not_act_q_zero "raa-cor:3" by blast
7443    next AOT_show ([O!]a  q0)
7444        using "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(2) q0_prop by blast
7445    qed
7446  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7447  ultimately AOT_obtain F13 where 𝒜[F13]b & Δ[F13]b & ¬𝒜[F13]a & Δ[F13]a
7448    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7449  AOT_hence 𝒜[F13]b and Δ[F13]b and ¬𝒜[F13]a and Δ[F13]a
7450    using "&E" by blast+
7451  note props = props this
7452
7453  let  = "«y [O!]y  ¬q0]»"
7454  AOT_modally_strict {
7455     AOT_have [«»] by "cqt:2[lambda]"
7456  } note 1 = this
7457  moreover AOT_have 𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7458  proof (safe intro!: "&I"; AOT_subst y O!y  ¬q0]x O!x  ¬q0 for: x)
7459    AOT_show 𝒜([O!]b  ¬q0)
7460      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7461  next AOT_show Δ([O!]b  ¬q0)
7462      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "→E")
7463  next AOT_show 𝒜([O!]a  ¬q0)
7464      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7465  next AOT_show ¬Δ([O!]a  ¬q0)
7466    proof(rule act_and_pos_not_not_delta)
7467      AOT_show 𝒜([O!]a  ¬q0)
7468        by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7469    next
7470      AOT_have ¬[O!]a
7471        using "KBasic2:1" "≡E"(2) not_act_and_pos_delta
7472              not_act_ord_a not_delta_ord_a "raa-cor:6" by blast
7473      moreover AOT_have q0
7474        by (meson "&E"(1) q0_prop)
7475      ultimately AOT_have 2: (¬[O!]a & q0)
7476         by (metis "KBasic:16" "&I" "vdash-properties:10")
7477      AOT_show ¬([O!]a  ¬q0)
7478      proof (AOT_subst (reverse) ¬([O!]a  ¬q0) ¬[O!]a & q0)
7479        AOT_modally_strict {
7480          AOT_show ¬[O!]a & q0  ¬([O!]a  ¬q0)
7481            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2)
7482                      "∨E"(3) "deduction-theorem" "≡I" "raa-cor:3")
7483        }
7484      next
7485        AOT_show (¬[O!]a & q0)
7486          using "2" by blast
7487      qed
7488    qed
7489  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7490  ultimately AOT_obtain F14 where 𝒜[F14]b & Δ[F14]b & 𝒜[F14]a & ¬Δ[F14]a
7491    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7492  AOT_hence 𝒜[F14]b and Δ[F14]b and 𝒜[F14]a and ¬Δ[F14]a
7493    using "&E" by blast+
7494  note props = props this
7495
7496  AOT_have [L]
7497    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
7498  moreover AOT_have 𝒜[L]b & Δ[L]b & 𝒜[L]a & Δ[L]a
7499  proof (safe intro!: "&I")
7500    AOT_show 𝒜[L]b
7501      by (meson nec_L "nec-imp-act" "vdash-properties:10")
7502    next AOT_show Δ[L]b using nec_L nec_delta by blast
7503    next AOT_show 𝒜[L]a by (meson nec_L "nec-imp-act" "→E")
7504    next AOT_show Δ[L]a using nec_L nec_delta by blast
7505  qed
7506  ultimately AOT_obtain F15 where 𝒜[F15]b & Δ[F15]b & 𝒜[F15]a & Δ[F15]a
7507    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7508  AOT_hence 𝒜[F15]b and Δ[F15]b and 𝒜[F15]a and Δ[F15]a
7509    using "&E" by blast+
7510  note props = props this
7511
7512  show ?thesis
7513    by (rule "∃I"(2)[where β=F0]; rule "∃I"(2)[where β=F1];
7514        rule "∃I"(2)[where β=F2]; rule "∃I"(2)[where β=F3];
7515        rule "∃I"(2)[where β=F4]; rule "∃I"(2)[where β=F5];
7516        rule "∃I"(2)[where β=F6]; rule "∃I"(2)[where β=F7];
7517        rule "∃I"(2)[where β=F8]; rule "∃I"(2)[where β=F9];
7518        rule "∃I"(2)[where β=F10]; rule "∃I"(2)[where β=F11];
7519        rule "∃I"(2)[where β=F12]; rule "∃I"(2)[where β=F13];
7520        rule "∃I"(2)[where β=F14]; rule "∃I"(2)[where β=F15];
7521        safe intro!: "&I")
7522       (match conclusion in "[?v  [F]  [G]]" for F G  7523        match props in A: "[?v  ¬φ{F}]" for φ 7524        match (φ) in "λa . ?p" fail¦ "λa . a" fail¦ _ 7525        match props in B: "[?v  φ{G}]" 7526        fact "pos-not-equiv-ne:4"[where F=F and G=G and φ=φ, THEN "→E",
7527                                OF "oth-class-taut:4:h"[THEN "≡E"(2)],
7528                                OF "Disjunction Addition"(2)[THEN "→E"],
7529                                OF "&I", OF A, OF B]››››)+
7530qed
7531
7532subsection‹The Theory of Objects›
7533text‹\label{PLM: 9.11}›
7534
7535AOT_theorem "o-objects-exist:1": x O!x
7536proof(rule RN)
7537  AOT_modally_strict {
7538    AOT_obtain a where (E!a & ¬𝒜[E!]a)
7539      using "∃E"[rotated, OF "qml:4"[axiom_inst, THEN "BF◇"[THEN "→E"]]]
7540      by blast
7541    AOT_hence 1: E!a by (metis "KBasic2:3" "&E"(1) "→E")
7542    AOT_have x [E!]x]a
7543    proof (rule "β←C"(1); "cqt:2[lambda]"?)
7544      AOT_show a using "cqt:2[const_var]"[axiom_inst] by blast
7545    next
7546      AOT_show E!a by (fact 1)
7547    qed
7548    AOT_hence O!a by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2"
7549    AOT_thus x [O!]x by (rule "∃I")
7550  }
7551qed
7552
7553AOT_theorem "o-objects-exist:2": x A!x
7554proof (rule RN)
7555  AOT_modally_strict {
7556    AOT_obtain a where [A!]a
7557      using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
7558    AOT_thus x A!x using "∃I" by blast
7559  }
7560qed
7561
7562AOT_theorem "o-objects-exist:3": ¬x O!x
7563  by (rule RN)
7564     (metis (no_types, hide_lams) "∃E" "cqt-orig:1[const_var]"
7565        "≡E"(4) "modus-tollens:1" "o-objects-exist:2" "oa-contingent:2"
7566        "qml:2"[axiom_inst] "reductio-aa:2")
7567
7568AOT_theorem "o-objects-exist:4": ¬x A!x
7569  by (rule RN)
7570     (metis (mono_tags, hide_lams) "∃E" "cqt-orig:1[const_var]"
7571        "≡E"(1) "modus-tollens:1" "o-objects-exist:1" "oa-contingent:2"
7572        "qml:2"[axiom_inst] "→E")
7573
7574AOT_theorem "o-objects-exist:5": ¬x E!x
7575proof (rule RN; rule "raa-cor:2")
7576  AOT_modally_strict {
7577    AOT_assume x E!x
7578    moreover AOT_obtain a where abs: A!a
7579      using "o-objects-exist:2"[THEN "qml:2"[axiom_inst, THEN "→E"]]
7580            "∃E"[rotated] by blast
7581    ultimately AOT_have E!a using "∀E" by blast
7582    AOT_hence 1: E!a by (metis "T◇" "→E")
7583    AOT_have y E!y]a
7584    proof (rule "β←C"(1); "cqt:2[lambda]"?)
7585      AOT_show a using "cqt:2[const_var]"[axiom_inst].
7586    next
7587      AOT_show E!a by (fact 1)
7588    qed
7589    AOT_hence O!a
7590      by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
7591    AOT_hence ¬A!a by (metis "≡E"(1) "oa-contingent:2") 
7592    AOT_thus p & ¬p for p using abs by (metis "raa-cor:3")
7593  }
7594qed
7595
7596AOT_theorem partition: ¬x (O!x & A!x)
7597proof(rule "raa-cor:2")
7598  AOT_assume x (O!x & A!x)
7599  then AOT_obtain a where O!a & A!a
7600    using "∃E"[rotated] by blast
7601  AOT_thus p & ¬p for p
7602    by (metis "&E"(1) "Conjunction Simplification"(2) "≡E"(1)
7603              "modus-tollens:1" "oa-contingent:2" "raa-cor:3")
7604qed
7605
7606AOT_define eq_E :: ‹Π› ("'(=E')")
7607  "=E": (=E) =df xy O!x & O!y & F ([F]x  [F]y)]
7608
7609syntax "_AOT_eq_E_infix" :: ‹τ  τ  φ› (infixl "=E" 50)
7610translations
7611  "_AOT_eq_E_infix κ κ'" == "CONST AOT_exe (CONST eq_E) (CONST Pair κ κ')"
7612print_translation7613AOT_syntax_print_translations
7614[(const_syntax‹AOT_exe›, fn ctxt => fn [
7615  Const ("constAOT_PLM.eq_E", _),
7616  Const (const_syntax‹Pair›, _) $ lhs $ rhs
7617] => Const (syntax_const‹_AOT_eq_E_infix›, dummyT) $ lhs $ rhs)]
7618
7619text‹Note: Not explicitly mentioned as theorem in PLM.›
7620AOT_theorem "=E[denotes]": [(=E)]
7621  by (rule "=dfI"(2)[OF "=E"]) "cqt:2[lambda]"+
7622
7623AOT_theorem "=E-simple:1": x =E y  (O!x & O!y & F ([F]x  [F]y))
7624proof -
7625  AOT_have 1: xy [O!]x & [O!]y & F ([F]x  [F]y)] by "cqt:2"
7626  show ?thesis
7627    apply (rule "=dfI"(2)[OF "=E"]; "cqt:2[lambda]"?)
7628    using "beta-C-meta"[THEN "→E", OF 1, unvarify ν1νn, of "(_,_)",
7629                        OF tuple_denotes[THEN "≡dfI"], OF "&I",
7630                        OF "cqt:2[const_var]"[axiom_inst],
7631                        OF "cqt:2[const_var]"[axiom_inst]]
7632    by fast
7633qed
7634
7635AOT_theorem "=E-simple:2": x =E y  x = y
7636proof (rule "→I")
7637  AOT_assume x =E y
7638  AOT_hence O!x & O!y & F ([F]x  [F]y)
7639    using "=E-simple:1"[THEN "≡E"(1)] by blast
7640  AOT_thus x = y
7641    using "≡dfI"[OF "identity:1"] "∨I" by blast
7642qed
7643
7644AOT_theorem "id-nec3:1": x =E y  (x =E y)
7645proof (rule "≡I"; rule "→I")
7646  AOT_assume x =E y
7647  AOT_hence O!x & O!y & F ([F]x  [F]y)
7648    using "=E-simple:1" "≡E" by blast
7649  AOT_hence O!x & O!y & F ([F]x  [F]y)
7650    by (metis "S5Basic:6" "&I" "&E"(1) "&E"(2) "≡E"(4)
7651              "oa-facts:1" "raa-cor:3" "vdash-properties:10")
7652  AOT_hence (O!x & O!y & F ([F]x  [F]y))
7653    by (metis "&E"(1) "&E"(2) "≡E"(2) "KBasic:3" "&I")
7654  AOT_thus (x =E y)
7655    using "=E-simple:1"
7656    by (AOT_subst x =E y O!x & O!y & F ([F]x  [F]y)) auto
7657next
7658  AOT_assume (x =E y)
7659  AOT_thus x =E y using "qml:2"[axiom_inst, THEN "→E"] by blast
7660qed
7661
7662AOT_theorem "id-nec3:2": (x =E y)  x =E y
7663  by (meson "RE◇" "S5Basic:2" "id-nec3:1" "≡E"(1,5) "Commutativity of ≡")
7664
7665AOT_theorem "id-nec3:3": (x =E y)  (x =E y)
7666  by (meson "id-nec3:1" "id-nec3:2" "≡E"(5))
7667
7668syntax "_AOT_non_eq_E" :: ‹Π› ("'(≠E')")
7669translations
7670  (Π) "(≠E)" == (Π) "(=E)-"
7671syntax "_AOT_non_eq_E_infix" :: ‹τ  τ  φ› (infixl "E" 50)
7672translations
7673 "_AOT_non_eq_E_infix κ κ'" ==
7674 "CONST AOT_exe (CONST relation_negation (CONST eq_E)) (CONST Pair κ κ')"
7675print_translation7676AOT_syntax_print_translations
7677[(const_syntax‹AOT_exe›, fn ctxt => fn [
7678  Const (const_syntax‹relation_negation›, _) $ Const ("constAOT_PLM.eq_E", _),
7679  Const (const_syntax‹Pair›, _) $ lhs $ rhs
7680] => Const (syntax_const‹_AOT_non_eq_E_infix›, dummyT) $ lhs $ rhs)]
7681AOT_theorem "thm-neg=E": x E y  ¬(x =E y)
7682proof -
7683  AOT_have θ: x1...x2 ¬(=E)x1...x2] by "cqt:2"
7684  AOT_have x E y  x1...x2 ¬(=E)x1...x2]xy
7685    by (rule "=dfI"(1)[OF "df-relation-negation", OF θ])
7686       (meson "oth-class-taut:3:a")
7687  also AOT_have   ¬(=E)xy
7688    by (safe intro!: "beta-C-meta"[THEN "→E", unvarify ν1νn] "cqt:2"
7689                     tuple_denotes[THEN "≡dfI"] "&I")
7690  finally show ?thesis.
7691qed
7692
7693AOT_theorem "id-nec4:1": x E y  (x E y)
7694proof -
7695  AOT_have x E y  ¬(x =E y) using "thm-neg=E".
7696  also AOT_have   ¬(x =E y)
7697    by (meson "id-nec3:2" "≡E"(1) "Commutativity of ≡" "oth-class-taut:4:b")
7698  also AOT_have   ¬(x =E y)
7699    by (meson "KBasic2:1" "≡E"(2) "Commutativity of ≡")
7700  also AOT_have   (x E y)
7701    by (AOT_subst (reverse) ¬(x =E y) x E y)
7702       (auto simp: "thm-neg=E" "oth-class-taut:3:a")
7703  finally show ?thesis.
7704qed
7705
7706AOT_theorem "id-nec4:2": (x E y)  (x E y)
7707  by (meson "RE◇" "S5Basic:2" "id-nec4:1" "≡E"(2,5) "Commutativity of ≡")
7708
7709AOT_theorem "id-nec4:3": (x E y)  (x E y)
7710  by (meson "id-nec4:1" "id-nec4:2" "≡E"(5))
7711
7712AOT_theorem "id-act2:1": x =E y  𝒜x =E y
7713  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec3:2" "≡E"(1,6))
7714AOT_theorem "id-act2:2": x E y  𝒜x E y
7715  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec4:2" "≡E"(1,6))
7716
7717AOT_theorem "ord=Eequiv:1": O!x  x =E x
7718proof (rule "→I")
7719  AOT_assume 1: O!x
7720  AOT_show x =E x
7721    apply (rule "=dfI"(2)[OF "=E"]) apply "cqt:2[lambda]"
7722    apply (rule "β←C"(1))
7723      apply "cqt:2[lambda]"
7724     apply (simp add: "&I" "cqt:2[const_var]"[axiom_inst] prod_denotesI)
7725    by (simp add: "1" RN "&I" "oth-class-taut:3:a" "universal-cor")
7726qed
7727
7728AOT_theorem "ord=Eequiv:2": x =E y  y =E x
7729proof(rule CP)
7730  AOT_assume 1: x =E y
7731  AOT_hence 2: x = y by (metis "=E-simple:2" "vdash-properties:10") 
7732  AOT_have O!x using 1 by (meson "&E"(1) "=E-simple:1" "≡E"(1))
7733  AOT_hence x =E x using "ord=Eequiv:1" "→E" by blast
7734  AOT_thus y =E x using "rule=E"[rotated, OF 2] by fast
7735qed
7736
7737AOT_theorem "ord=Eequiv:3": (x =E y & y =E z)  x =E z
7738proof (rule CP)
7739  AOT_assume 1: x =E y & y =E z
7740  AOT_hence x = y & y = z
7741    by (metis "&I" "&E"(1) "&E"(2) "=E-simple:2" "vdash-properties:6")
7742  AOT_hence x = z by (metis "id-eq:3" "vdash-properties:6")
7743  moreover AOT_have x =E x
7744    using 1[THEN "&E"(1)] "&E"(1) "=E-simple:1" "≡E"(1)
7745          "ord=Eequiv:1" "→E" by blast
7746  ultimately AOT_show x =E z
7747    using "rule=E" by fast
7748qed
7749
7750AOT_theorem "ord-=E=:1": (O!x  O!y)  (x = y  x =E y)
7751proof(rule CP)
7752  AOT_assume O!x  O!y
7753  moreover {
7754    AOT_assume O!x
7755    AOT_hence O!x by (metis "oa-facts:1" "vdash-properties:10")
7756    moreover {
7757      AOT_modally_strict {
7758        AOT_have O!x  (x = y  x =E y)
7759        proof (rule "→I"; rule "≡I"; rule "→I")
7760          AOT_assume O!x
7761          AOT_hence x =E x by (metis "ord=Eequiv:1" "→E")
7762          moreover AOT_assume x = y
7763          ultimately AOT_show x =E y using "rule=E" by fast
7764        next
7765          AOT_assume x =E y
7766          AOT_thus x = y by (metis "=E-simple:2" "→E")
7767        qed
7768      }
7769      AOT_hence O!x  (x = y  x =E y) by (metis "RM:1")
7770    }
7771    ultimately AOT_have (x = y  x =E y) using "→E" by blast
7772  }
7773  moreover {
7774    AOT_assume O!y
7775    AOT_hence O!y by (metis "oa-facts:1" "vdash-properties:10")
7776    moreover {
7777      AOT_modally_strict {
7778        AOT_have O!y  (x = y  x =E y)
7779        proof (rule "→I"; rule "≡I"; rule "→I")
7780          AOT_assume O!y
7781          AOT_hence y =E y by (metis "ord=Eequiv:1" "→E")
7782          moreover AOT_assume x = y
7783          ultimately AOT_show x =E y using "rule=E" id_sym by fast
7784        next
7785          AOT_assume x =E y
7786          AOT_thus x = y by (metis "=E-simple:2" "→E")
7787        qed
7788      }
7789      AOT_hence O!y  (x = y  x =E y) by (metis "RM:1")
7790    }
7791    ultimately AOT_have (x = y  x =E y) using "→E" by blast
7792  }
7793  ultimately AOT_show (x = y  x =E y) by (metis "∨E"(3) "raa-cor:1")
7794qed
7795
7796AOT_theorem "ord-=E=:2": O!y  x x = y]
7797proof (rule "→I"; rule "safe-ext"[axiom_inst, THEN "→E"]; rule "&I")
7798  AOT_show x x =E y] by "cqt:2[lambda]"
7799next
7800  AOT_assume O!y
7801  AOT_hence 1: (x = y  x =E y) for x
7802    using "ord-=E=:1" "→E" "∨I" by blast
7803  AOT_have (x =E y  x = y) for x
7804    by (AOT_subst x =E y  x = y x = y  x =E y)
7805       (auto simp add: "Commutativity of ≡" 1)
7806  AOT_hence x (x =E y  x = y) by (rule GEN)
7807  AOT_thus x (x =E y  x = y) by (rule BF[THEN "→E"])
7808qed
7809
7810
7811AOT_theorem "ord-=E=:3": xy O!x & O!y & x = y]
7812proof (rule "safe-ext[2]"[axiom_inst, THEN "→E"]; rule "&I")
7813  AOT_show xy O!x & O!y & x =E y] by "cqt:2[lambda]"
7814next
7815  AOT_show xy ([O!]x & [O!]y & x =E y  [O!]x & [O!]y & x = y)
7816  proof (rule RN; rule GEN; rule GEN; rule "≡I"; rule "→I")
7817    AOT_modally_strict {
7818      AOT_show [O!]x & [O!]y & x = y if [O!]x & [O!]y & x =E y for x y
7819        by (metis "&I" "&E"(1) "Conjunction Simplification"(2) "=E-simple:2"
7820                  "modus-tollens:1" "raa-cor:1" that)
7821    }
7822  next
7823    AOT_modally_strict {
7824      AOT_show [O!]x & [O!]y & x =E y if [O!]x & [O!]y & x = y for x y
7825        apply(safe intro!: "&I")
7826          apply (metis that[THEN "&E"(1), THEN "&E"(1)])
7827         apply (metis that[THEN "&E"(1), THEN "&E"(2)])
7828        using "rule=E"[rotated, OF that[THEN "&E"(2)]]
7829              "ord=Eequiv:1"[THEN "→E", OF that[THEN "&E"(1), THEN "&E"(1)]]
7830        by fast
7831    }
7832  qed
7833qed
7834
7835AOT_theorem "ind-nec": F ([F]x  [F]y)  F ([F]x  [F]y)
7836proof(rule "→I")
7837  AOT_assume F ([F]x  [F]y)
7838  moreover AOT_have x F ([F]x  [F]y)] by "cqt:2[lambda]"
7839  ultimately AOT_have x F ([F]x  [F]y)]x  x F ([F]x  [F]y)]y
7840    using "∀E" by blast
7841  moreover AOT_have x F ([F]x  [F]y)]y
7842    apply (rule "β←C"(1))
7843      apply "cqt:2[lambda]"
7844     apply (fact "cqt:2[const_var]"[axiom_inst])
7845    by (simp add: RN GEN "oth-class-taut:3:a")
7846  ultimately AOT_have x F ([F]x  [F]y)]x using "≡E" by blast
7847  AOT_thus F ([F]x  [F]y)
7848    using "β→C"(1) by blast
7849qed
7850
7851AOT_theorem "ord=E:1": (O!x & O!y)  (F ([F]x  [F]y)  x =E y)
7852proof (rule "→I"; rule "→I")
7853  AOT_assume F ([F]x  [F]y)
7854  AOT_hence F ([F]x  [F]y)
7855    using "ind-nec"[THEN "→E"] by blast
7856  moreover AOT_assume O!x & O!y
7857  ultimately AOT_have O!x & O!y & F ([F]x  [F]y)
7858    using "&I" by blast
7859  AOT_thus x =E y using "=E-simple:1"[THEN "≡E"(2)] by blast
7860qed
7861
7862AOT_theorem "ord=E:2": (O!x & O!y)  (F ([F]x  [F]y)  x = y)
7863proof (rule "→I"; rule "→I")
7864  AOT_assume O!x & O!y
7865  moreover AOT_assume F ([F]x  [F]y)
7866  ultimately AOT_have x =E y
7867    using "ord=E:1" "→E" by blast
7868  AOT_thus x = y using "=E-simple:2"[THEN "→E"] by blast
7869qed
7870
7871AOT_theorem "ord=E2:1":
7872  (O!x & O!y)  (x  y  z z =E x]  z z =E y])
7873proof (rule "→I"; rule "≡I"; rule "→I";
7874       rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7875  AOT_assume 0: O!x & O!y
7876  AOT_assume x  y
7877  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
7878  AOT_assume z z =E x] = z z =E y]
7879  moreover AOT_have z z =E x]x
7880    apply (rule "β←C"(1))
7881      apply "cqt:2[lambda]"
7882     apply (fact "cqt:2[const_var]"[axiom_inst])
7883    using "ord=Eequiv:1"[THEN "→E", OF 0[THEN "&E"(1)]].
7884  ultimately AOT_have z z =E y]x using "rule=E" by fast
7885  AOT_hence x =E y using "β→C"(1) by blast
7886  AOT_hence x = y by (metis "=E-simple:2" "vdash-properties:6")
7887  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
7888next
7889  AOT_assume z z =E x]  z z =E y]
7890  AOT_hence 0: ¬(z z =E x] = z z =E y])
7891    using "≡dfE"[OF "=-infix"] by blast
7892  AOT_have z z =E x] by "cqt:2[lambda]"
7893  AOT_hence z z =E x] = z z =E x]
7894    by (metis "rule=I:1")
7895  moreover AOT_assume x = y
7896  ultimately AOT_have z z =E x] = z z =E y]
7897    using "rule=E" by fast
7898  AOT_thus z z =E x] = z z =E y] & ¬(z z =E x] = z z =E y])
7899    using 0 "&I" by blast
7900qed
7901
7902AOT_theorem "ord=E2:2":
7903  (O!x & O!y)  (x  y  z z = x]  z z = y])
7904proof (rule "→I"; rule "≡I"; rule "→I";
7905       rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7906  AOT_assume 0: O!x & O!y
7907  AOT_assume x  y
7908  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
7909  AOT_assume z z = x] = z z = y]
7910  moreover AOT_have z z = x]x
7911    apply (rule "β←C"(1))
7912    apply (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
7913     apply (fact "cqt:2[const_var]"[axiom_inst])
7914    by (simp add: "id-eq:1")
7915  ultimately AOT_have z z = y]x using "rule=E" by fast
7916  AOT_hence x = y using "β→C"(1) by blast
7917  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
7918next
7919  AOT_assume 0: O!x & O!y
7920  AOT_assume z z = x]  z z = y]
7921  AOT_hence 1: ¬(z z = x] = z z = y])
7922    using "≡dfE"[OF "=-infix"] by blast
7923  AOT_have z z = x]
7924    by (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
7925  AOT_hence z z = x] = z z = x]
7926    by (metis "rule=I:1")
7927  moreover AOT_assume x = y
7928  ultimately AOT_have z z = x] = z z = y]
7929    using "rule=E" by fast
7930  AOT_thus z z = x] = z z = y] & ¬(z z = x] = z z = y])
7931    using 1 "&I" by blast
7932qed
7933
7934AOT_theorem ordnecfail: O!x  ¬F x[F]
7935  by (meson "RM:1" "→I" nocoder[axiom_inst] "oa-facts:1" "→E")
7936
7937AOT_theorem "ab-obey:1": (A!x & A!y)  (F (x[F]  y[F])  x = y)
7938proof (rule "→I"; rule "→I")
7939  AOT_assume 1: A!x & A!y
7940  AOT_assume F (x[F]  y[F])
7941  AOT_hence x[F]  y[F] for F using "∀E" by blast
7942  AOT_hence (x[F]  y[F]) for F by (metis "en-eq:6[1]" "≡E"(1))
7943  AOT_hence F (x[F]  y[F]) by (rule GEN)
7944  AOT_hence F (x[F]  y[F]) by (rule BF[THEN "→E"])
7945  AOT_thus x = y
7946    using "≡dfI"[OF "identity:1", OF "∨I"(2)] 1 "&I" by blast
7947qed
7948
7949AOT_theorem "ab-obey:2":
7950  (F (x[F] & ¬y[F])  F (y[F] & ¬x[F]))  x  y
7951proof (rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7952  AOT_assume 1: x = y
7953  AOT_assume F (x[F] & ¬y[F])  F (y[F] & ¬x[F])
7954  moreover {
7955    AOT_assume F (x[F] & ¬y[F])
7956    then AOT_obtain F where x[F] & ¬y[F]
7957      using "∃E"[rotated] by blast
7958    moreover AOT_have y[F]
7959      using calculation[THEN "&E"(1)] 1 "rule=E" by fast
7960    ultimately AOT_have p & ¬p for p
7961      by (metis "Conjunction Simplification"(2) "modus-tollens:2" "raa-cor:3")
7962  }
7963  moreover {
7964    AOT_assume F (y[F] & ¬x[F])
7965    then AOT_obtain F where y[F] & ¬x[F]
7966      using "∃E"[rotated] by blast
7967    moreover AOT_have ¬y[F]
7968      using calculation[THEN "&E"(2)] 1 "rule=E" by fast
7969    ultimately AOT_have p & ¬p for p
7970      by (metis "Conjunction Simplification"(1) "modus-tollens:1" "raa-cor:3")
7971  }
7972  ultimately AOT_show p & ¬p for p
7973    by (metis "∨E"(3) "raa-cor:1")
7974qed
7975
7976AOT_theorem "encoders-are-abstract": F x[F]  A!x
7977  by (meson "deduction-theorem" "≡E"(2) "modus-tollens:2" nocoder
7978            "oa-contingent:3" "vdash-properties:1[2]")
7979
7980AOT_theorem "denote=:1": Hx x[H]
7981  by (rule GEN; rule "existence:2[1]"[THEN "≡dfE"]; "cqt:2")
7982
7983AOT_theorem "denote=:2": Gx1...∃xn x1...xn[H]
7984  by (rule GEN; rule "existence:2"[THEN "≡dfE"]; "cqt:2")
7985
7986AOT_theorem "denote=:2[2]": Gx1x2 x1x2[H]
7987  by (rule GEN; rule "existence:2[2]"[THEN "≡dfE"]; "cqt:2")
7988
7989AOT_theorem "denote=:2[3]": Gx1x2x3 x1x2x3[H]
7990  by (rule GEN; rule "existence:2[3]"[THEN "≡dfE"]; "cqt:2")
7991
7992AOT_theorem "denote=:2[4]": Gx1x2x3x4 x1x2x3x4[H]
7993  by (rule GEN; rule "existence:2[4]"[THEN "≡dfE"]; "cqt:2")
7994
7995AOT_theorem "denote=:3": x x[Π]  H (H = Π)
7996  using "existence:2[1]" "free-thms:1" "≡E"(2,5)
7997        "Commutativity of ≡" "≡Df" by blast
7998
7999AOT_theorem "denote=:4": (x1...∃xn x1...xn[Π])  H (H = Π)
8000  using "existence:2" "free-thms:1" "≡E"(6) "≡Df" by blast
8001
8002AOT_theorem "denote=:4[2]": (x1x2 x1x2[Π])  H (H = Π)
8003  using "existence:2[2]" "free-thms:1" "≡E"(6) "≡Df" by blast
8004
8005AOT_theorem "denote=:4[3]": (x1x2x3 x1x2x3[Π])  H (H = Π)
8006  using "existence:2[3]" "free-thms:1" "≡E"(6) "≡Df" by blast
8007
8008AOT_theorem "denote=:4[4]": (x1x2x3x4 x1x2x3x4[Π])  H (H = Π)
8009  using "existence:2[4]" "free-thms:1" "≡E"(6) "≡Df" by blast
8010
8011AOT_theorem "A-objects!": ∃!x (A!x & F (x[F]  φ{F}))
8012proof (rule "uniqueness:1"[THEN "≡dfI"])
8013  AOT_obtain a where a_prop: A!a & F (a[F]  φ{F})
8014    using "A-objects"[axiom_inst] "∃E"[rotated] by blast
8015  AOT_have (A!β & F (β[F]  φ{F}))  β = a for β
8016  proof (rule "→I")
8017    AOT_assume β_prop: [A!]β & F (β[F]  φ{F})
8018    AOT_hence β[F]  φ{F} for F
8019      using "∀E" "&E" by blast
8020    AOT_hence β[F]  a[F] for F
8021      using a_prop[THEN "&E"(2)] "∀E" "≡E"(2,5)
8022            "Commutativity of ≡" by fast
8023    AOT_hence F (β[F]  a[F]) by (rule GEN)
8024    AOT_thus β = a
8025      using "ab-obey:1"[THEN "→E",
8026                OF "&I"[OF β_prop[THEN "&E"(1)], OF a_prop[THEN "&E"(1)]],
8027                THEN "→E"] by blast
8028  qed
8029  AOT_hence β ((A!β & F (β[F]  φ{F}))  β = a) by (rule GEN)
8030  AOT_thus α ([A!]α & F (α[F]  φ{F}) &
8031                β ([A!]β & F (β[F]  φ{F})  β = α))
8032    using "∃I" using a_prop "&I" by fast
8033qed
8034
8035AOT_theorem "obj-oth:1": ∃!x (A!x & F (x[F]  [F]y))
8036  using "A-objects!" by fast
8037
8038AOT_theorem "obj-oth:2": ∃!x (A!x & F (x[F]  [F]y & [F]z))
8039  using "A-objects!" by fast
8040
8041AOT_theorem "obj-oth:3": ∃!x (A!x & F (x[F]  [F]y  [F]z))
8042  using "A-objects!" by fast
8043
8044AOT_theorem "obj-oth:4": ∃!x (A!x & F (x[F]  [F]y))
8045  using "A-objects!" by fast
8046
8047AOT_theorem "obj-oth:5": ∃!x (A!x & F (x[F]  F = G))
8048  using "A-objects!" by fast
8049
8050AOT_theorem "obj-oth:6": ∃!x (A!x & F (x[F]  y([G]y  [F]y)))
8051  using "A-objects!" by fast
8052
8053AOT_theorem "A-descriptions": ιx (A!x & F (x[F]  φ{F}))
8054  by (rule "A-Exists:2"[THEN "≡E"(2)]; rule "RA[2]"; rule "A-objects!")
8055
8056AOT_act_theorem "thm-can-terms2":
8057  y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
8058  using "y-in:2" by blast
8059
8060AOT_theorem "can-ab2": y = ιx(A!x & F (x[F]  φ{F}))   A!y
8061proof(rule "→I")
8062  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
8063  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
8064    using "actual-desc:2"[THEN "→E"] by blast
8065  AOT_hence 𝒜A!y by (metis "Act-Basic:2" "&E"(1) "≡E"(1))
8066  AOT_thus A!y by (metis "≡E"(2) "oa-facts:8")
8067qed
8068
8069AOT_act_theorem "desc-encode:1": ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
8070proof -
8071  AOT_have ιx(A!x & F (x[F]  φ{F}))
8072    by (simp add: "A-descriptions")
8073  AOT_hence A!ιx(A!x & F (x[F]  φ{F})) &
8074             F(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8075    using "y-in:3"[THEN "→E"] by blast
8076  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
8077    using "&E" "∀E" by blast
8078qed
8079
8080AOT_act_theorem "desc-encode:2": ιx(A!x & F (x[F]  φ{F}))[G]  φ{G}
8081  using "desc-encode:1".
8082
8083AOT_theorem "desc-nec-encode:1":
8084  ιx (A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
8085proof -
8086  AOT_have 0: ιx(A!x & F (x[F]  φ{F}))
8087    by (simp add: "A-descriptions")
8088  AOT_hence 𝒜(A!ιx(A!x & F (x[F]  φ{F})) &
8089             F(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}))
8090    using "actual-desc:4"[THEN "→E"] by blast
8091  AOT_hence 𝒜F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8092    using "Act-Basic:2" "&E"(2) "≡E"(1) by blast
8093  AOT_hence F 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8094    using "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]" by blast
8095  AOT_hence 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
8096    using "∀E" by blast
8097  AOT_hence 𝒜ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
8098    using "Act-Basic:5" "≡E"(1) by blast
8099  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
8100    using "en-eq:10[1]"[unvarify x1, OF 0] "≡E"(6) by blast
8101qed
8102
8103AOT_theorem "desc-nec-encode:2":
8104  ιx (A!x & F (x[F]  φ{F}))[G]  𝒜φ{G}
8105  using "desc-nec-encode:1".
8106
8107AOT_theorem "Box-desc-encode:1": φ{G}  ιx(A!x & F (x[F]  φ{G}))[G]
8108  by (rule "→I"; rule "desc-nec-encode:2"[THEN "≡E"(2)])
8109     (meson "nec-imp-act" "vdash-properties:10")
8110
8111AOT_theorem "Box-desc-encode:2":
8112φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
8113proof(rule CP)
8114  AOT_assume φ{G}
8115  AOT_hence φ{G} by (metis "S5Basic:6" "≡E"(1))
8116  moreover AOT_have φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
8117  proof (rule RM; rule "→I")
8118    AOT_modally_strict {
8119      AOT_assume 1: φ{G}
8120      AOT_hence ιx(A!x & F (x[F]  φ{G}))[G]
8121        using "Box-desc-encode:1" "→E" by blast
8122      moreover AOT_have φ{G}
8123        using 1 by (meson "qml:2"[axiom_inst] "→E")
8124      ultimately AOT_show ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}
8125        using "→I" "≡I" by simp
8126    }
8127  qed
8128  ultimately AOT_show (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
8129    using "→E" by blast
8130qed
8131
8132definition rigid_condition where
8133  rigid_condition φ  v . [v  α (φ{α}  φ{α})]
8134syntax rigid_condition :: ‹id_position  AOT_prop› ("RIGID'_CONDITION'(_')")
8135
8136AOT_theorem "strict-can:1[E]":
8137  assumes RIGID_CONDITION(φ)
8138  shows α (φ{α}  φ{α})
8139  using assms[unfolded rigid_condition_def] by auto
8140
8141AOT_theorem "strict-can:1[I]":
8142  assumes  α (φ{α}  φ{α})
8143  shows RIGID_CONDITION(φ)
8144  using assms rigid_condition_def by auto
8145
8146AOT_theorem "box-phi-a:1":
8147  assumes RIGID_CONDITION(φ)
8148  shows (A!x  & F (x[F]  φ{F}))  (A!x & F (x[F]  φ{F}))
8149proof (rule "→I")
8150  AOT_assume a: A!x & F (x[F]  φ{F})
8151  AOT_hence b: A!x
8152    by (metis "Conjunction Simplification"(1) "oa-facts:2" "→E")
8153  AOT_have x[F]  φ{F} for F
8154    using a[THEN "&E"(2)] "∀E" by blast
8155  moreover AOT_have (x[F]  x[F]) for F
8156    by (meson "pre-en-eq:1[1]" RN)
8157  moreover AOT_have (φ{F}  φ{F}) for F
8158    using RN "strict-can:1[E]"[OF assms] "∀E" by blast
8159  ultimately AOT_have (x[F]  φ{F}) for F
8160    using "sc-eq-box-box:5" "qml:2"[axiom_inst, THEN "→E"] "→E" "&I" by metis
8161  AOT_hence F (x[F]  φ{F}) by (rule GEN)
8162  AOT_hence F (x[F]  φ{F}) by (rule BF[THEN "→E"])
8163  AOT_thus ([A!]x & F (x[F]  φ{F}))
8164    using b "KBasic:3" "≡S"(1) "≡E"(2) by blast
8165qed
8166
8167AOT_theorem "box-phi-a:2":
8168  assumes RIGID_CONDITION(φ)
8169  shows y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
8170proof(rule "→I")
8171  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
8172  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
8173    using "actual-desc:2"[THEN "→E"] by fast
8174  AOT_hence abs: 𝒜A!y and 𝒜F (y[F]  φ{F})
8175    using "Act-Basic:2" "&E" "≡E"(1) by blast+
8176  AOT_hence F 𝒜(y[F]  φ{F})
8177    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
8178  AOT_hence 𝒜(y[F]  φ{F}) for F
8179    using "∀E" by blast
8180  AOT_hence 𝒜y[F]  𝒜φ{F} for F
8181    by (metis "Act-Basic:5" "≡E"(1)) 
8182  AOT_hence y[F]  φ{F} for F
8183    using "sc-eq-fur:2"[THEN "→E",
8184            OF "strict-can:1[E]"[OF assms,
8185                THEN "∀E"(2)[where β=F], THEN RN]]
8186    by (metis "en-eq:10[1]" "≡E"(6))
8187  AOT_hence F (y[F]  φ{F}) by (rule GEN)
8188  AOT_thus [A!]y & F (y[F]  φ{F})
8189    using abs "&I" "≡E"(2) "oa-facts:8" by blast
8190qed
8191
8192AOT_theorem "box-phi-a:3":
8193  assumes RIGID_CONDITION(φ)
8194  shows ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
8195  using "desc-nec-encode:2"
8196    "sc-eq-fur:2"[THEN "→E",
8197        OF "strict-can:1[E]"[OF assms,
8198          THEN "∀E"(2)[where β=F], THEN RN]]
8199    "≡E"(5) by blast
8200
8201AOT_define Null :: ‹τ  φ› ("Null'(_')") 
8202  "df-null-uni:1": Null(x) df A!x & ¬F x[F]
8203
8204AOT_define Universal :: ‹τ  φ› ("Universal'(_')")
8205  "df-null-uni:2": Universal(x) df A!x & F x[F]
8206
8207AOT_theorem "null-uni-uniq:1": ∃!x Null(x)
8208proof (rule "uniqueness:1"[THEN "≡dfI"])
8209  AOT_obtain a where a_prop: A!a & F (a[F]  ¬(F = F))
8210    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8211  AOT_have a_null: ¬a[F] for F
8212  proof (rule "raa-cor:2")
8213    AOT_assume a[F]
8214    AOT_hence ¬(F = F) using a_prop[THEN "&E"(2)] "∀E" "≡E" by blast
8215    AOT_hence F = F & ¬(F = F) by (metis "id-eq:1" "raa-cor:3")
8216    AOT_thus p & ¬p for p  by (metis "raa-cor:1")
8217  qed
8218  AOT_have Null(a) & β (Null(β)  β = a)
8219  proof (rule "&I")
8220    AOT_have ¬F a[F]
8221      using a_null by (metis "instantiation" "reductio-aa:1")
8222    AOT_thus Null(a)
8223      using "df-null-uni:1"[THEN "≡dfI"] a_prop[THEN "&E"(1)] "&I" by metis
8224  next
8225    AOT_show β (Null(β)  β = a)
8226    proof (rule GEN; rule "→I")
8227      fix β
8228      AOT_assume a: Null(β)
8229      AOT_hence ¬F β[F]
8230        using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
8231      AOT_hence β_null: ¬β[F] for F
8232        by (metis "existential:2[const_var]" "reductio-aa:1")
8233      AOT_have F (β[F]  a[F])
8234        apply (rule GEN; rule "≡I"; rule CP)
8235        using "raa-cor:3" β_null a_null by blast+
8236      moreover AOT_have A!β
8237        using a "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
8238      ultimately AOT_show β = a
8239        using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"]
8240              "&I" by blast
8241    qed
8242  qed
8243  AOT_thus α (Null(α) & β (Null(β)  β = α))
8244    using "∃I"(2) by fast
8245qed
8246
8247AOT_theorem "null-uni-uniq:2": ∃!x Universal(x)
8248proof (rule "uniqueness:1"[THEN "≡dfI"])
8249  AOT_obtain a where a_prop: A!a & F (a[F]  F = F)
8250    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8251  AOT_hence aF: a[F] for F using "&E" "∀E" "≡E" "id-eq:1" by fast
8252  AOT_hence Universal(a)
8253    using "df-null-uni:2"[THEN "≡dfI"] "&I" a_prop[THEN "&E"(1)] GEN by blast
8254  moreover AOT_have β (Universal(β)  β = a)
8255  proof (rule GEN; rule "→I")
8256    fix β
8257    AOT_assume Universal(β)
8258    AOT_hence abs_β: A!β and β[F] for F
8259      using "df-null-uni:2"[THEN "≡dfE"] "&E" "∀E" by blast+
8260    AOT_hence β[F]  a[F] for F
8261      using aF by (metis "deduction-theorem" "≡I")
8262    AOT_hence F (β[F]  a[F]) by (rule GEN)
8263    AOT_thus β = a
8264      using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"]
8265            "&I" abs_β by blast
8266  qed
8267  ultimately AOT_show α (Universal(α) & β (Universal(β)  β = α))
8268    using "&I" "∃I" by fast
8269qed
8270
8271AOT_theorem "null-uni-uniq:3": ιx Null(x)
8272  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:1" by blast
8273
8274AOT_theorem "null-uni-uniq:4": ιx Universal(x)
8275  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:2" by blast
8276
8277AOT_define Null_object :: ‹κs (a)
8278  "df-null-uni-terms:1": a =df ιx Null(x)
8279
8280AOT_define Universal_object :: ‹κs (aV)
8281  "df-null-uni-terms:2": aV =df ιx Universal(x)
8282
8283AOT_theorem "null-uni-facts:1": Null(x)  Null(x)
8284proof (rule "→I")
8285  AOT_assume Null(x)
8286  AOT_hence x_abs: A!x and x_null: ¬F x[F]
8287    using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast+
8288  AOT_have ¬x[F] for F using x_null
8289    using "existential:2[const_var]" "reductio-aa:1"
8290    by metis
8291  AOT_hence ¬x[F] for F by (metis "en-eq:7[1]" "≡E"(1))
8292  AOT_hence F ¬x[F] by (rule GEN)
8293  AOT_hence F ¬x[F] by (rule BF[THEN "→E"])
8294  moreover AOT_have F ¬x[F]  ¬F x[F]
8295    apply (rule RM)
8296    by (metis (full_types) "instantiation" "cqt:2[const_var]"[axiom_inst]
8297                           "→I" "reductio-aa:1" "rule-ui:1")
8298  ultimately AOT_have ¬F x[F]
8299    by (metis "→E")
8300  moreover AOT_have A!x using x_abs
8301    using "oa-facts:2" "vdash-properties:10" by blast
8302  ultimately AOT_have r: (A!x & ¬F x[F])
8303    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
8304  AOT_show Null(x)
8305    by (AOT_subst Null(x) A!x & ¬F x[F])
8306       (auto simp: "df-null-uni:1" "≡Df" r)
8307qed  
8308
8309AOT_theorem "null-uni-facts:2": Universal(x)  Universal(x)
8310proof (rule "→I")
8311  AOT_assume Universal(x)
8312  AOT_hence x_abs: A!x and x_univ: F x[F]
8313    using "df-null-uni:2"[THEN "≡dfE"] "&E" by blast+
8314  AOT_have x[F] for F using x_univ "∀E" by blast
8315  AOT_hence x[F] for F by (metis "en-eq:2[1]" "≡E"(1))
8316  AOT_hence F x[F] by (rule GEN)
8317  AOT_hence F x[F] by (rule BF[THEN "→E"])
8318  moreover AOT_have A!x using x_abs
8319    using "oa-facts:2" "vdash-properties:10" by blast
8320  ultimately AOT_have r: (A!x & F x[F])
8321    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
8322  AOT_show Universal(x)
8323    by (AOT_subst Universal(x) A!x & F x[F])
8324       (auto simp add: "df-null-uni:2" "≡Df" r)
8325qed
8326
8327AOT_theorem "null-uni-facts:3": Null(a)
8328  apply (rule "=dfI"(2)[OF "df-null-uni-terms:1"])
8329   apply (simp add: "null-uni-uniq:3")
8330  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:3"]
8331    "sc-eq-fur:2"[THEN "→E",
8332        OF "null-uni-facts:1"[unvarify x, THEN RN, OF "null-uni-uniq:3"],
8333        THEN "≡E"(1)]
8334  by blast
8335
8336AOT_theorem "null-uni-facts:4": Universal(aV)
8337  apply (rule "=dfI"(2)[OF "df-null-uni-terms:2"])
8338   apply (simp add: "null-uni-uniq:4")
8339  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:4"]
8340    "sc-eq-fur:2"[THEN "→E",
8341        OF "null-uni-facts:2"[unvarify x, THEN RN, OF "null-uni-uniq:4"],
8342        THEN "≡E"(1)]
8343  by blast
8344
8345AOT_theorem "null-uni-facts:5": a  aV
8346proof (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
8347    rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
8348    rule "≡dfI"[OF "=-infix"];
8349    rule "raa-cor:2")
8350  AOT_obtain x where nullx: Null(x)
8351    by (metis "instantiation" "df-null-uni-terms:1" "existential:1"
8352              "null-uni-facts:3" "null-uni-uniq:3" "rule-id-df:2:b[zero]")
8353  AOT_hence act_null: 𝒜Null(x)
8354    by (metis "nec-imp-act" "null-uni-facts:1" "→E")
8355  AOT_assume ιx Null(x) = ιx Universal(x)
8356  AOT_hence 𝒜x(Null(x)  Universal(x))
8357    using "actual-desc:5"[THEN "→E"] by blast
8358  AOT_hence x 𝒜(Null(x)  Universal(x))
8359    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
8360  AOT_hence 𝒜Null(x)  𝒜Universal(x)
8361    using "Act-Basic:5" "≡E"(1) "rule-ui:3" by blast
8362  AOT_hence 𝒜Universal(x) using act_null "≡E" by blast
8363  AOT_hence Universal(x)
8364    by (metis RN "≡E"(1) "null-uni-facts:2" "sc-eq-fur:2" "→E")
8365  AOT_hence F x[F] using "≡dfE"[OF "df-null-uni:2"] "&E" by metis
8366  moreover AOT_have ¬F x[F]
8367    using nullx "≡dfE"[OF "df-null-uni:1"] "&E" by metis
8368  ultimately AOT_show p & ¬p for p
8369    by (metis "cqt-further:1" "raa-cor:3" "→E")
8370qed
8371
8372AOT_theorem "null-uni-facts:6": a = ιx(A!x & F (x[F]  F  F))
8373proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
8374  AOT_show ιx([A!]x & F (x[F]  F  F))
8375    by (simp add: "A-descriptions")
8376next
8377  AOT_show a
8378    by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
8379       (simp add: "null-uni-uniq:3")
8380next
8381  AOT_have ιx([A!]x & F (x[F]  F  F))
8382    by (simp add: "A-descriptions")
8383  AOT_hence 1: ιx([A!]x & F (x[F]  F  F)) = ιx([A!]x & F (x[F]  F  F))
8384    using "rule=I:1" by blast
8385  AOT_show [A!]a & [A!]ιx([A!]x & F (x[F]  F  F))
8386    apply (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
8387           rule "&I")
8388     apply (meson "≡dfE" "Conjunction Simplification"(1)
8389                  "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3"
8390                  "null-uni-uniq:3" "rule-id-df:2:a[zero]" "→E")
8391    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
8392next
8393  AOT_show F (a[F]  ιx([A!]x & F (x[F]  F  F))[F])
8394  proof (rule GEN)
8395    fix F
8396    AOT_have ¬a[F]
8397      by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
8398         (metis (no_types, lifting) "≡dfE" "&E"(2) "∨I"(2) "∨E"(3) "∃I"(2)
8399                "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3"
8400                "raa-cor:2" "rule-id-df:2:a[zero]"
8401                "russell-axiom[enc,1].ψ_denotes_asm")
8402    moreover AOT_have ¬ιx([A!]x & F (x[F]  F  F))[F]
8403    proof(rule "raa-cor:2")
8404      AOT_assume 0: ιx([A!]x & F (x[F]  F  F))[F]
8405      AOT_hence 𝒜(F  F)
8406        using "desc-nec-encode:2"[THEN "≡E"(1), OF 0] by blast
8407      moreover AOT_have ¬𝒜(F  F)
8408        using "≡dfE" "id-act:2" "id-eq:1" "≡E"(2)
8409              "=-infix" "raa-cor:3" by blast
8410      ultimately AOT_show 𝒜(F  F) & ¬𝒜(F  F) by (rule "&I")
8411    qed
8412    ultimately AOT_show a[F]  ιx([A!]x & F (x[F]  F  F))[F]
8413      using "deduction-theorem" "≡I" "raa-cor:4" by blast
8414  qed
8415qed
8416
8417AOT_theorem "null-uni-facts:7": aV = ιx(A!x & F (x[F]  F = F))
8418proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
8419  AOT_show ιx([A!]x & F (x[F]  F = F))
8420    by (simp add: "A-descriptions")
8421next
8422  AOT_show aV
8423    by (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
8424       (simp add: "null-uni-uniq:4")
8425next
8426  AOT_have ιx([A!]x & F (x[F]  F = F))
8427    by (simp add: "A-descriptions")
8428  AOT_hence 1: ιx([A!]x & F (x[F]  F = F)) = ιx([A!]x & F (x[F]  F = F))
8429    using "rule=I:1" by blast
8430  AOT_show [A!]aV & [A!]ιx([A!]x & F (x[F]  F = F))
8431    apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
8432           rule "&I")
8433     apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:2"
8434                  "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4"
8435                  "rule-id-df:2:a[zero]" "→E")
8436    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
8437next
8438  AOT_show F (aV[F]  ιx([A!]x & F (x[F]  F = F))[F])
8439  proof (rule GEN)
8440    fix F
8441    AOT_have aV[F]
8442      apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
8443      using "≡dfE" "&E"(2) "df-null-uni:2" "df-null-uni-terms:2"
8444            "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]"
8445            "rule-ui:3" by blast
8446    moreover AOT_have ιx([A!]x & F (x[F]  F = F))[F]
8447      using "RA[2]" "desc-nec-encode:2" "id-eq:1" "≡E"(2) by fastforce
8448    ultimately AOT_show aV[F]  ιx([A!]x & F (x[F]  F = F))[F]
8449      using "deduction-theorem" "≡I" by simp
8450  qed
8451qed
8452
8453AOT_theorem "aclassical:1":
8454Rxy(A!x & A!y & x  y & z [R]zx] = z [R]zy])
8455proof(rule GEN)
8456  fix R
8457  AOT_obtain a where a_prop:
8458    A!a & F (a[F]  y(A!y & F = z [R]zy] & ¬y[F]))
8459    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8460  AOT_have a_enc: az [R]za]
8461  proof (rule "raa-cor:1")
8462    AOT_assume 0: ¬az [R]za]
8463    AOT_hence ¬y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8464      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]za]»"],
8465                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8466                THEN "≡E"(1), rotated])
8467         "cqt:2[lambda]"
8468    AOT_hence y ¬(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8469      using "cqt-further:4" "vdash-properties:10" by blast
8470    AOT_hence ¬(A!a & z [R]za] = z [R]za] & ¬az [R]za])
8471      using "∀E" by blast
8472    AOT_hence (A!a & z [R]za] = z [R]za])  az [R]za]
8473      by (metis "&I" "deduction-theorem" "raa-cor:3")
8474    moreover AOT_have z [R]za] = z [R]za]
8475      by (rule "=I") "cqt:2[lambda]"
8476    ultimately AOT_have az [R]za]
8477      using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8478    AOT_thus az [R]za] & ¬az [R]za]
8479      using 0 "&I" by blast
8480  qed
8481  AOT_hence y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8482    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated])
8483       "cqt:2"
8484  then AOT_obtain b where b_prop:
8485    A!b & z [R]za] = z [R]zb] & ¬bz [R]za]
8486    using "∃E"[rotated] by blast
8487  AOT_have a  b
8488    apply (rule "≡dfI"[OF "=-infix"])
8489    using a_enc b_prop[THEN "&E"(2)]
8490    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8491          "raa-cor:3" "reductio-aa:1" by fast
8492  AOT_hence A!a & A!b & a  b & z [R]za] = z [R]zb]
8493    using b_prop "&E" a_prop "&I" by meson
8494  AOT_hence y (A!a & A!y & a  y & z [R]za] = z [R]zy]) by (rule "∃I")
8495  AOT_thus xy (A!x & A!y & x  y & z [R]zx] = z [R]zy]) by (rule "∃I")
8496qed
8497
8498AOT_theorem "aclassical:2":
8499  Rxy(A!x & A!y & x  y & z [R]xz] = z [R]yz])
8500proof(rule GEN)
8501  fix R
8502  AOT_obtain a where a_prop:
8503    A!a & F (a[F]  y(A!y & F = z [R]yz] & ¬y[F]))
8504    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8505  AOT_have a_enc: az [R]az]
8506  proof (rule "raa-cor:1")
8507    AOT_assume 0: ¬az [R]az]
8508    AOT_hence ¬y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8509      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]az]»"],
8510                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8511                THEN "≡E"(1), rotated])
8512         "cqt:2[lambda]"
8513    AOT_hence y ¬(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8514      using "cqt-further:4" "vdash-properties:10" by blast
8515    AOT_hence ¬(A!a & z [R]az] = z [R]az] & ¬az [R]az])
8516      using "∀E" by blast
8517    AOT_hence (A!a & z [R]az] = z [R]az])  az [R]az]
8518      by (metis "&I" "deduction-theorem" "raa-cor:3")
8519    moreover AOT_have z [R]az] = z [R]az]
8520      by (rule "=I") "cqt:2[lambda]"
8521    ultimately AOT_have az [R]az]
8522      using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8523    AOT_thus az [R]az] & ¬az [R]az]
8524      using 0 "&I" by blast
8525  qed
8526  AOT_hence y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8527    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated])
8528       "cqt:2"
8529  then AOT_obtain b where b_prop:
8530    A!b & z [R]az] = z [R]bz] & ¬bz [R]az]
8531    using "∃E"[rotated] by blast
8532  AOT_have a  b
8533    apply (rule "≡dfI"[OF "=-infix"])
8534    using a_enc b_prop[THEN "&E"(2)]
8535    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8536          "raa-cor:3" "reductio-aa:1" by fast
8537  AOT_hence A!a & A!b & a  b & z [R]az] = z [R]bz]
8538    using b_prop "&E" a_prop "&I" by meson
8539  AOT_hence y (A!a & A!y & a  y & z [R]az] = z [R]yz]) by (rule "∃I")
8540  AOT_thus xy (A!x & A!y & x  y & z [R]xz] = z [R]yz]) by (rule "∃I")
8541qed
8542
8543AOT_theorem "aclassical:3":
8544  Fxy(A!x & A!y & x  y &  [F]x] =  [F]y])
8545proof(rule GEN)
8546  fix R
8547  AOT_obtain a where a_prop:
8548    A!a & F (a[F]  y(A!y & F = z [R]y] & ¬y[F]))
8549    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8550  AOT_have den: z [R]a] by "cqt:2[lambda]"
8551  AOT_have a_enc: az [R]a]
8552  proof (rule "raa-cor:1")
8553    AOT_assume 0: ¬az [R]a]
8554    AOT_hence ¬y(A!y & z [R]a] = z [R]y] & ¬yz [R]a])
8555      by (safe intro!: a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ=«z [R]a]»],
8556                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8557                THEN "≡E"(1), rotated] "cqt:2") 
8558    AOT_hence y ¬(A!y & z [R]a] = z [R]y] & ¬yz [R]a])
8559      using "cqt-further:4" "→E" by blast
8560    AOT_hence ¬(A!a & z [R]a] = z [R]a] & ¬az [R]a]) using "∀E" by blast
8561    AOT_hence (A!a & z [R]a] = z [R]a])  az [R]a]
8562      by (metis "&I" "deduction-theorem" "raa-cor:3")
8563    AOT_hence az [R]a]
8564      using a_prop[THEN "&E"(1)] "→E" "&I"
8565      by (metis "rule=I:1" den)
8566    AOT_thus az [R]a] & ¬az [R]a]  by (metis "0" "raa-cor:3") 
8567  qed
8568  AOT_hence y(A!y & z [R]a] = z [R]y] & ¬yz [R]a])
8569    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), OF den, THEN "≡E"(1), rotated])
8570  then AOT_obtain b where b_prop: A!b & z [R]a] = z [R]b] & ¬bz [R]a]
8571    using "∃E"[rotated] by blast
8572  AOT_have 1: a  b
8573    apply (rule "≡dfI"[OF "=-infix"])
8574    using a_enc b_prop[THEN "&E"(2)]
8575    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8576          "raa-cor:3" "reductio-aa:1" by fast
8577  AOT_have a:  [R]a] = ([R]a)
8578    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
8579    by (meson "log-prop-prop:2")
8580  AOT_have b:  [R]b] = ([R]b)
8581    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
8582    by (meson "log-prop-prop:2")
8583  AOT_have  [R]a] =  [R]b]
8584    apply (rule "rule=E"[rotated, OF a[THEN id_sym]])
8585    apply (rule "rule=E"[rotated, OF b[THEN id_sym]])
8586    apply (rule "identity:4"[THEN "≡dfI", OF "&I", rotated])
8587    using b_prop "&E" apply blast
8588    apply (safe intro!: "&I")
8589    by (simp add: "log-prop-prop:2")+
8590  AOT_hence A!a & A!b & a  b &  [R]a] =  [R]b]
8591    using 1 a_prop[THEN "&E"(1)] b_prop[THEN "&E"(1), THEN "&E"(1)]
8592          "&I" by auto
8593  AOT_hence y (A!a & A!y & a  y &  [R]a] =  [R]y]) by (rule "∃I")
8594  AOT_thus xy (A!x & A!y & x  y &  [R]x] =  [R]y]) by (rule "∃I")
8595qed
8596
8597AOT_theorem aclassical2: xy (A!x & A!y & x  y & F ([F]x  [F]y))
8598proof -
8599  AOT_have x y ([A!]x & [A!]y & x  y &
8600               z xy F ([F]x  [F]y)]zx] =
8601               z xy F ([F]x  [F]y)]zy])
8602    by (rule "aclassical:1"[THEN "∀E"(1)[where τ="«xy F ([F]x  [F]y)]»"]])
8603       "cqt:2"
8604  then AOT_obtain x where y ([A!]x & [A!]y & x  y &
8605               z xy F ([F]x  [F]y)]zx] =
8606               z xy F ([F]x  [F]y)]zy])
8607    using "∃E"[rotated] by blast
8608  then AOT_obtain y where 0: ([A!]x & [A!]y & x  y &
8609               z xy F ([F]x  [F]y)]zx] =
8610               z xy F ([F]x  [F]y)]zy])
8611    using "∃E"[rotated] by blast
8612  AOT_have z xy F ([F]x  [F]y)]zx]x
8613    by (auto intro!: "β←C"(1) "cqt:2";
8614        simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3"
8615                  "oth-class-taut:3:a" "universal-cor")
8616  AOT_hence z xy F ([F]x  [F]y)]zy]x
8617    by (rule "rule=E"[rotated, OF 0[THEN "&E"(2)]])
8618  AOT_hence xy F ([F]x  [F]y)]xy
8619    by (rule "β→C"(1))
8620  AOT_hence F ([F]x  [F]y)
8621    using "β→C"(1) old.prod.case by fast
8622  AOT_hence [A!]x & [A!]y & x  y & F ([F]x  [F]y)
8623    using 0 "&E" "&I" by blast
8624  AOT_hence y ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I")
8625  AOT_thus xy ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I"(2))
8626qed
8627
8628AOT_theorem "kirchner-thm:1":
8629  x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8630proof(rule "≡I"; rule "→I")
8631  AOT_assume x φ{x}]
8632  AOT_hence x φ{x}] by (metis "exist-nec" "vdash-properties:10")
8633  moreover AOT_have x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8634  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
8635    AOT_modally_strict {
8636      fix x y
8637      AOT_assume 0: x φ{x}]
8638      moreover AOT_assume F([F]x  [F]y)
8639      ultimately AOT_have x φ{x}]x  x φ{x}]y
8640        using "∀E" by blast
8641      AOT_thus (φ{x}  φ{y})
8642        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
8643    }
8644  qed
8645  ultimately AOT_show xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8646    using "→E" by blast
8647next
8648  AOT_have xy(F([F]x  [F]y)  (φ{x}  φ{y})) 
8649            y(x(F([F]x  [F]y) & φ{x})  φ{y})
8650  proof(rule "RM:1"; rule "→I"; rule GEN)
8651    AOT_modally_strict {
8652      AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8653      AOT_hence indisc: φ{x}  φ{y} if F([F]x  [F]y) for x y
8654        using "∀E"(2) "→E" that by blast
8655      AOT_show (x(F([F]x  [F]y) & φ{x})  φ{y}) for y
8656      proof (rule "raa-cor:1")
8657        AOT_assume ¬(x(F([F]x  [F]y) & φ{x})  φ{y})
8658        AOT_hence (x(F([F]x  [F]y) & φ{x}) & ¬φ{y}) 
8659                   (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
8660          using "≡E"(1) "oth-class-taut:4:h" by blast
8661        moreover {
8662          AOT_assume 0: x(F([F]x  [F]y) & φ{x}) & ¬φ{y}
8663          AOT_obtain a where F([F]a  [F]y) & φ{a}
8664            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
8665          AOT_hence φ{y}
8666            using indisc[THEN "≡E"(1)] "&E" by blast
8667          AOT_hence p & ¬p for p
8668            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8669        }
8670        moreover {
8671          AOT_assume 0: (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
8672          AOT_hence x ¬(F([F]x  [F]y) & φ{x})
8673            using "&E"(1) "cqt-further:4" "→E" by blast
8674          AOT_hence ¬(F([F]y  [F]y) & φ{y})
8675            using "∀E" by blast
8676          AOT_hence ¬F([F]y  [F]y)  ¬φ{y}
8677            using "≡E"(1) "oth-class-taut:5:c" by blast
8678          moreover AOT_have F([F]y  [F]y)
8679            by (simp add: "oth-class-taut:3:a" "universal-cor")
8680          ultimately AOT_have ¬φ{y} by (metis "¬¬I" "∨E"(2))
8681          AOT_hence p & ¬p for p
8682            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8683        }
8684        ultimately AOT_show p & ¬p for p
8685          using "∨E"(3) "raa-cor:1" by blast
8686      qed
8687    }
8688  qed
8689  moreover AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8690  ultimately AOT_have y(x(F([F]x  [F]y) & φ{x})  φ{y})
8691    using "→E" by blast
8692  AOT_thus x φ{x}]
8693    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2"
8694qed
8695
8696AOT_theorem "kirchner-thm:2":
8697  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8698    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8699proof(rule "≡I"; rule "→I")
8700  AOT_assume x1...xn φ{x1...xn}]
8701  AOT_hence x1...xn φ{x1...xn}] by (metis "exist-nec" "→E")
8702  moreover AOT_have x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8703    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8704  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
8705    AOT_modally_strict {
8706      fix x1xn y1yn :: 'a AOT_var›
8707      AOT_assume 0: x1...xn φ{x1...xn}]
8708      moreover AOT_assume F([F]x1...xn  [F]y1...yn)
8709      ultimately AOT_have x1...xn φ{x1...xn}]x1...xn 
8710                           x1...xn φ{x1...xn}]y1...yn
8711        using "∀E" by blast
8712      AOT_thus (φ{x1...xn}  φ{y1...yn})
8713        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
8714    }
8715  qed
8716  ultimately AOT_show x1...∀xny1...∀yn(
8717    F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
8718  )
8719    using "→E" by blast
8720next
8721  AOT_have 8722    (x1...∀xny1...∀yn
8723      (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})))
8724     y1...∀yn
8725        ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8726         φ{y1...yn})
8727  proof(rule "RM:1"; rule "→I"; rule GEN)
8728    AOT_modally_strict {
8729      AOT_assume x1...∀xny1...∀yn
8730        (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8731      AOT_hence indisc: φ{x1...xn}  φ{y1...yn}
8732        if F([F]x1...xn  [F]y1...yn) for x1xn y1yn
8733        using "∀E"(2) "→E" that by blast
8734      AOT_show (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8735                φ{y1...yn} for y1yn
8736      proof (rule "raa-cor:1")
8737        AOT_assume ¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8738                    φ{y1...yn})
8739        AOT_hence ((x1...∃xn(F([F]x1...xn  [F]y1...yn)
8740                    & φ{x1...xn}))
8741                    & ¬φ{y1...yn}) 
8742                  (¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8743                   & φ{y1...yn})
8744          using "≡E"(1) "oth-class-taut:4:h" by blast
8745        moreover {
8746          AOT_assume 0: (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8747                         & ¬φ{y1...yn}
8748          AOT_obtain a1an where F([F]a1...an  [F]y1...yn) & φ{a1...an}
8749            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
8750          AOT_hence φ{y1...yn}
8751            using indisc[THEN "≡E"(1)] "&E" by blast
8752          AOT_hence p & ¬p for p
8753            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8754        }
8755        moreover {
8756          AOT_assume 0: ¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8757                         & φ{y1...yn}
8758          AOT_hence x1...∀xn ¬(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})
8759            using "&E"(1) "cqt-further:4" "→E" by blast
8760          AOT_hence ¬(F([F]y1...yn  [F]y1...yn) & φ{y1...yn})
8761            using "∀E" by blast
8762          AOT_hence ¬F([F]y1...yn  [F]y1...yn)  ¬φ{y1...yn}
8763            using "≡E"(1) "oth-class-taut:5:c" by blast
8764          moreover AOT_have F([F]y1...yn  [F]y1...yn)
8765            by (simp add: "oth-class-taut:3:a" "universal-cor")
8766          ultimately AOT_have ¬φ{y1...yn}
8767            by (metis "¬¬I" "∨E"(2))
8768          AOT_hence p & ¬p for p
8769            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8770        }
8771        ultimately AOT_show p & ¬p for p
8772          using "∨E"(3) "raa-cor:1" by blast
8773      qed
8774    }
8775  qed
8776  moreover AOT_assume x1...∀xny1...∀yn
8777    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8778  ultimately AOT_have y1...∀yn
8779    ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8780     φ{y1...yn})
8781    using "→E" by blast
8782  AOT_thus x1...xn φ{x1...xn}]
8783    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2"
8784qed
8785
8786AOT_theorem "kirchner-thm-cor:1":
8787  x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8788proof(rule "→I"; rule GEN; rule GEN; rule "→I")
8789  fix x y
8790  AOT_assume x φ{x}]
8791  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
8792    by (rule "kirchner-thm:1"[THEN "≡E"(1)])
8793  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
8794    using CBF[THEN "→E"] by blast
8795  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
8796    using "∀E" by blast
8797  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
8798    using CBF[THEN "→E"] by blast
8799  AOT_hence (F ([F]x  [F]y)  (φ{x}  φ{y}))
8800    using "∀E" by blast
8801  AOT_hence F ([F]x  [F]y)  (φ{x}  φ{y})
8802    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8803  moreover AOT_assume F([F]x  [F]y)
8804  ultimately AOT_show (φ{x}  φ{y}) using "→E" "ind-nec" by blast
8805qed
8806
8807AOT_theorem "kirchner-thm-cor:2":
8808  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8809    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8810proof(rule "→I"; rule GEN; rule GEN; rule "→I")
8811  fix x1xn y1yn
8812  AOT_assume x1...xn φ{x1...xn}]
8813  AOT_hence 0: x1...∀xny1...∀yn
8814    (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8815    by (rule "kirchner-thm:2"[THEN "≡E"(1)])
8816  AOT_have x1...∀xny1...∀yn
8817    (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8818  proof(rule GEN; rule GEN)
8819    fix x1xn y1yn
8820    AOT_show (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8821      apply (rule "RM:1"[THEN "→E", rotated, OF 0]; rule "→I")
8822      using "∀E" by blast
8823  qed
8824  AOT_hence y1...∀yn (F ([F]x1...xn  [F]y1...yn) 
8825                         (φ{x1...xn}  φ{y1...yn}))
8826    using "∀E" by blast
8827  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8828    using "∀E" by blast
8829  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8830    using "∀E" by blast
8831  AOT_hence 0: F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
8832    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8833  moreover AOT_assume F([F]x1...xn  [F]y1...yn)
8834  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)] by "cqt:2"
8835  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn 
8836                       x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
8837    using "∀E" by blast
8838  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
8839    apply (rule "β←C"(1))
8840      apply "cqt:2[lambda]"
8841     apply (fact "cqt:2[const_var]"[axiom_inst])
8842    by (simp add: RN GEN "oth-class-taut:3:a")
8843  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn
8844    using "≡E"(2) by blast
8845  AOT_hence F ([F]x1...xn  [F]y1...yn)
8846    using "β→C"(1) by blast
8847  AOT_thus (φ{x1...xn}  φ{y1...yn}) using "→E" 0 by blast
8848qed
8849
8850subsection‹Propositional Properties›
8851text‹\label{PLM: 9.12}›
8852
8853AOT_define propositional :: ‹Π  φ› (Propositional'(_'))
8854  "prop-prop1": Propositional([F]) df p(F = y p])
8855
8856AOT_theorem "prop-prop2:1": p y p]
8857  by (rule GEN) "cqt:2[lambda]"
8858
8859AOT_theorem "prop-prop2:2": ν φ]
8860  by "cqt:2[lambda]"
8861
8862AOT_theorem "prop-prop2:3": F = y p]  x([F]x  p)
8863proof (rule "→I")
8864  AOT_assume 0: F = y p]
8865  AOT_show x([F]x  p)
8866    by (rule "rule=E"[rotated, OF 0[symmetric]];
8867        rule RN; rule GEN; rule "beta-C-meta"[THEN "→E"])
8868      "cqt:2[lambda]"
8869qed
8870
8871AOT_theorem "prop-prop2:4": Propositional([F])  Propositional([F])
8872proof(rule "→I")
8873  AOT_assume Propositional([F])
8874  AOT_hence p(F = y p])
8875    using "≡dfE"[OF "prop-prop1"] by blast
8876  then AOT_obtain p where F = y p]
8877    using "∃E"[rotated] by blast
8878  AOT_hence (F = y p])
8879    using "id-nec:2" "modus-tollens:1" "raa-cor:3" by blast
8880  AOT_hence p (F = y p])
8881    using "∃I" by fast
8882  AOT_hence 0: p (F = y p])
8883    by (metis Buridan "vdash-properties:10")
8884  AOT_thus Propositional([F])
8885    using "prop-prop1"[THEN "≡Df"]
8886    by (AOT_subst Propositional([F]) p (F = y p])) auto
8887qed
8888
8889AOT_define indicriminate :: ‹Π  φ› ("Indiscriminate'(_')")
8890  "prop-indis": Indiscriminate([F]) df F & (x [F]x  x [F]x)
8891
8892AOT_theorem "prop-in-thm": Propositional([Π])  Indiscriminate([Π])
8893proof(rule "→I")
8894  AOT_assume Propositional([Π])
8895  AOT_hence p Π = y p] using "≡dfE"[OF "prop-prop1"] by blast
8896  then AOT_obtain p where Π_def: Π = y p] using "∃E"[rotated] by blast
8897  AOT_show Indiscriminate([Π])
8898  proof (rule "≡dfI"[OF "prop-indis"]; rule "&I")
8899    AOT_show Π
8900      using Π_def by (meson "t=t-proper:1" "vdash-properties:6")
8901  next
8902    AOT_show (x [Π]x  x [Π]x)
8903    proof (rule "rule=E"[rotated, OF Π_def[symmetric]];
8904           rule RN; rule "→I"; rule GEN)
8905      AOT_modally_strict {
8906        AOT_assume x y p]x
8907        then AOT_obtain a where y p]a using "∃E"[rotated] by blast
8908        AOT_hence 0: p by (metis "β→C"(1))
8909        AOT_show y p]x for x
8910          apply (rule "β←C"(1))
8911            apply "cqt:2[lambda]"
8912           apply (fact "cqt:2[const_var]"[axiom_inst])
8913          by (fact 0)
8914      }
8915    qed
8916  qed
8917qed
8918
8919AOT_theorem "prop-in-f:1": Necessary([F])  Indiscriminate([F])
8920proof (rule "→I")
8921  AOT_assume Necessary([F])
8922  AOT_hence 0: x1...∀xn [F]x1...xn
8923    using "≡dfE"[OF "contingent-properties:1"] by blast
8924  AOT_show Indiscriminate([F])
8925    by (rule "≡dfI"[OF "prop-indis"])
8926       (metis "0" "KBasic:1" "&I" "ex:1:a" "rule-ui:2[const_var]" "→E") 
8927qed
8928
8929AOT_theorem "prop-in-f:2": Impossible([F])  Indiscriminate([F])
8930proof (rule "→I")
8931  AOT_modally_strict {
8932    AOT_have x ¬[F]x  (x [F]x  x [F]x)
8933      by (metis "∃E" "cqt-orig:3" "Hypothetical Syllogism" "→I" "raa-cor:3")
8934  }
8935  AOT_hence 0: x ¬[F]x  (x [F]x  x [F]x)
8936    by (rule "RM:1")
8937  AOT_assume Impossible([F])
8938  AOT_hence x ¬[F]x
8939    using "≡dfE"[OF "contingent-properties:2"] "&E" by blast
8940  AOT_hence 1: (x [F]x  x [F]x)
8941    using 0 "→E" by blast
8942  AOT_show Indiscriminate([F])
8943    by (rule "≡dfI"[OF "prop-indis"]; rule "&I")
8944       (simp add: "ex:1:a" "rule-ui:2[const_var]" 1)+
8945qed
8946
8947AOT_theorem "prop-in-f:3:a": ¬Indiscriminate([E!])
8948proof(rule "raa-cor:2")
8949  AOT_assume Indiscriminate([E!])
8950  AOT_hence 0: (x [E!]x  x [E!]x)
8951    using "≡dfE"[OF "prop-indis"] "&E" by blast
8952  AOT_hence x [E!]x  x [E!]x
8953    using "KBasic:13" "vdash-properties:10" by blast
8954  moreover AOT_have x [E!]x
8955    by (simp add: "thm-cont-e:3")
8956  ultimately AOT_have x [E!]x
8957    by (metis "vdash-properties:6")
8958  AOT_thus p & ¬p for p
8959    by (metis "≡dfE" "conventions:5" "o-objects-exist:5" "reductio-aa:1")
8960qed
8961
8962AOT_theorem "prop-in-f:3:b": ¬Indiscriminate([E!]-)
8963proof (rule "rule=E"[rotated, OF "rel-neg-T:2"[symmetric]];
8964       rule "raa-cor:2")
8965  AOT_assume Indiscriminate(x ¬[E!]x])
8966  AOT_hence 0: (x x ¬[E!]x]x  x x ¬[E!]x]x)
8967    using "≡dfE"[OF "prop-indis"] "&E" by blast
8968  AOT_hence x x ¬[E!]x]x  x x ¬[E!]x]x
8969    using "→E" "qml:1" "vdash-properties:1[2]" by blast
8970  moreover AOT_have x x ¬[E!]x]x
8971    apply (AOT_subst x ¬E!x]x ¬E!x for: x)
8972    apply (rule "beta-C-meta"[THEN "→E"])
8973     apply "cqt:2"
8974    by (metis (full_types) "B◇" RN "T◇" "cqt-further:2"
8975                           "o-objects-exist:5" "→E")
8976  ultimately AOT_have 1: x x ¬[E!]x]x
8977    by (metis "vdash-properties:6")
8978  AOT_hence x ¬[E!]x
8979    by (AOT_subst (reverse) ¬[E!]x  x ¬[E!]x]x for: x)
8980       (auto intro!: "cqt:2" "beta-C-meta"[THEN "→E"])
8981  AOT_hence x ¬[E!]x by (metis "CBF" "vdash-properties:10")
8982  moreover AOT_obtain a where abs_a: O!a
8983    using "∃E" "o-objects-exist:1" "qml:2"[axiom_inst] "→E" by blast
8984  ultimately AOT_have ¬[E!]a using "∀E" by blast
8985  AOT_hence 2: ¬[E!]a by (metis "≡dfE" "conventions:5" "reductio-aa:1")
8986  AOT_have A!a
8987    apply (rule "=dfI"(2)[OF AOT_abstract])
8988     apply "cqt:2[lambda]"
8989    apply (rule "β←C"(1))
8990      apply "cqt:2[lambda]"
8991    using "cqt:2[const_var]"[axiom_inst] apply blast
8992    by (fact 2)
8993  AOT_thus p & ¬p for p using abs_a
8994    by (metis "≡E"(1) "oa-contingent:2" "reductio-aa:1")
8995qed
8996
8997AOT_theorem "prop-in-f:3:c": ¬Indiscriminate(O!)
8998proof(rule "raa-cor:2")
8999  AOT_assume Indiscriminate(O!)
9000  AOT_hence 0: (x O!x  x O!x)
9001    using "≡dfE"[OF "prop-indis"] "&E" by blast
9002  AOT_hence x O!x  x O!x
9003    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
9004  moreover AOT_have x O!x
9005    using "o-objects-exist:1" by blast
9006  ultimately AOT_have x O!x
9007    by (metis "vdash-properties:6")
9008  AOT_thus p & ¬p for p
9009    by (metis "o-objects-exist:3" "qml:2"[axiom_inst] "raa-cor:3" "→E")
9010qed
9011
9012AOT_theorem "prop-in-f:3:d": ¬Indiscriminate(A!)
9013proof(rule "raa-cor:2")
9014  AOT_assume Indiscriminate(A!)
9015  AOT_hence 0: (x A!x  x A!x)
9016    using "≡dfE"[OF "prop-indis"] "&E" by blast
9017  AOT_hence x A!x  x A!x
9018    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
9019  moreover AOT_have x A!x
9020    using "o-objects-exist:2" by blast
9021  ultimately AOT_have x A!x
9022    by (metis "vdash-properties:6")
9023  AOT_thus p & ¬p for p
9024    by (metis "o-objects-exist:4" "qml:2"[axiom_inst] "raa-cor:3" "→E")
9025qed
9026
9027AOT_theorem "prop-in-f:4:a": ¬Propositional(E!)
9028  using "modus-tollens:1" "prop-in-f:3:a" "prop-in-thm" by blast
9029
9030AOT_theorem "prop-in-f:4:b": ¬Propositional(E!-)
9031  using "modus-tollens:1" "prop-in-f:3:b" "prop-in-thm" by blast
9032
9033AOT_theorem "prop-in-f:4:c": ¬Propositional(O!)
9034  using "modus-tollens:1" "prop-in-f:3:c" "prop-in-thm" by blast
9035
9036AOT_theorem "prop-in-f:4:d": ¬Propositional(A!)
9037  using "modus-tollens:1" "prop-in-f:3:d" "prop-in-thm" by blast
9038
9039AOT_theorem "prop-prop-nec:1": p (F = y p])  p(F = y p])
9040proof(rule "→I")
9041  AOT_assume p (F = y p])
9042  AOT_hence p (F = y p])
9043    by (metis "BF◇" "→E")
9044  then AOT_obtain p where (F = y p])
9045    using "∃E"[rotated] by blast
9046  AOT_hence F = y p]
9047    by (metis "derived-S5-rules:2" emptyE "id-nec:2" "→E")
9048  AOT_thus p(F = y p]) by (rule "∃I")
9049qed
9050
9051AOT_theorem "prop-prop-nec:2": p (F  y p])  p(F  y p])
9052proof(rule "→I")
9053  AOT_assume p (F  y p])
9054  AOT_hence (F  y p]) for p
9055    using "∀E" by blast
9056  AOT_hence (F  y p]) for p
9057    by (rule "id-nec2:2"[unvarify β, THEN "→E", rotated]) "cqt:2"
9058  AOT_hence p (F  y p]) by (rule GEN)
9059  AOT_thus p (F  y p]) using BF[THEN "→E"] by fast
9060qed
9061
9062AOT_theorem "prop-prop-nec:3": p (F = y p])  p(F = y p])
9063proof(rule "→I")
9064  AOT_assume p (F = y p])
9065  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
9066  AOT_hence (F = y p]) by (metis "id-nec:2" "→E")
9067  AOT_hence p(F = y p]) by (rule "∃I")
9068  AOT_thus p(F = y p]) by (metis Buridan "→E")
9069qed
9070
9071AOT_theorem "prop-prop-nec:4": p (F  y p])  p(F  y p])
9072proof(rule "→I")
9073  AOT_assume p (F  y p])
9074  AOT_hence p (F  y p]) by (metis "Buridan◇" "→E")
9075  AOT_hence (F  y p]) for p
9076    using "∀E" by blast
9077  AOT_hence F  y p] for p
9078    by (rule "id-nec2:3"[unvarify β, THEN "→E", rotated]) "cqt:2"
9079  AOT_thus p (F  y p]) by (rule GEN)
9080qed
9081
9082AOT_theorem "enc-prop-nec:1":
9083  F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
9084proof(rule "→I"; rule GEN; rule "→I")
9085  fix F
9086  AOT_assume F (x[F]  p(F = y p]))
9087  AOT_hence F (x[F]  p(F = y p]))
9088    using "Buridan◇" "vdash-properties:10" by blast
9089  AOT_hence 0: (x[F]  p(F = y p])) using "∀E" by blast
9090  AOT_assume x[F]
9091  AOT_hence x[F] by (metis "en-eq:2[1]" "≡E"(1))
9092  AOT_hence p(F = y p])
9093    using 0 by (metis "KBasic2:4" "≡E"(1) "vdash-properties:10")
9094  AOT_thus p(F = y p])
9095    using "prop-prop-nec:1"[THEN "→E"] by blast
9096qed
9097
9098AOT_theorem "enc-prop-nec:2":
9099  F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
9100  using "derived-S5-rules:1"[where Γ="{}", simplified, OF "enc-prop-nec:1"]
9101  by blast
9102
9103(*<*)
9104end
9105(*>*)